CVE-2025-20389

Improper Input Validation in "label" column field in Splunk Secure Gateway App

CVSS 4.3 MEDIUMEPSS 0.4%CWE-20

Vexday Risk Score

13Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 4.3EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

03 dez 2025Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and versions below 3.9.10, 3.8.58 and 3.7.28 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the `label` column field after adding a new device in the Splunk Secure Gateway app. This could potentially lead to a client-side denial of service (DoS).

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Produtos afetados

Splunk · Splunk Cloud Platform Splunk · Splunk Enterprise Splunk · Splunk Secure Gateway

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://advisory.splunk.com/advisories/SVD-2025-1208