Information Disclosure in Splunk Enterprise and Cloud Platform
CVE-2025-20227

4.3MEDIUM

Key Information:

Vendor: Splunk
Status: Splunk Enterprise; Splunk Cloud Platform
Vendor: CVE Published:; 26 March 2025

What is CVE-2025-20227?

In specific versions of Splunk Enterprise and Splunk Cloud Platform, low-privileged users can bypass a critical content warning in Dashboard Studio. This vulnerability potentially exposes sensitive information that could be leveraged for further attacks. Proper configuration and version updates are crucial to mitigate this risk.

Affected Version(s)

Splunk Cloud Platform 9.3.2408 < 9.3.2408.107

Splunk Cloud Platform 9.2.2406 < 9.2.2406.113

Splunk Cloud Platform 9.2.2403 < 9.2.2403.115

References

https://advisory.splunk.com/advisories/SVD-2025-0306

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 26, 2025
Vulnerability Reserved
Oct 10, 2024

Credit

Taihei Shimamine