PT-2025-13012 · Splunk · Splunk Cloud Platform+1

Taihei Shimamine · Published 2025-03-26 · Updated 2025-07-22 · CVE-2025-20227

CVSS v3.1: 4.3 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Splunk Enterprise versions prior to 9.4.1
Splunk Enterprise versions prior to 9.3.3
Splunk Enterprise versions prior to 9.2.5
Splunk Enterprise versions prior to 9.1.8
Splunk Cloud Platform versions prior to 9.3.2408.107
Splunk Cloud Platform versions prior to 9.2.2406.112
Splunk Cloud Platform versions prior to 9.2.2403.115
Splunk Cloud Platform versions prior to 9.1.2312.208
Splunk Cloud Platform versions prior to 9.1.2308.214

Description

A low-privileged user without the "admin" or "power" Splunk roles could bypass the external content warning modal dialog box in Dashboard Studio dashboards, potentially leading to information disclosure.

Recommendations

For Splunk Enterprise versions prior to 9.4.1, update to version 9.4.1 or later.
For Splunk Enterprise versions prior to 9.3.3, update to version 9.3.3 or later.
For Splunk Enterprise versions prior to 9.2.5, update to version 9.2.5 or later.
For Splunk Enterprise versions prior to 9.1.8, update to version 9.1.8 or later.
For Splunk Cloud Platform versions prior to 9.3.2408.107, update to version 9.3.2408.107 or later.
For Splunk Cloud Platform versions prior to 9.2.2406.112, update to version 9.2.2406.112 or later.
For Splunk Cloud Platform versions prior to 9.2.2403.115, update to version 9.2.2403.115 or later.
For Splunk Cloud Platform versions prior to 9.1.2312.208, update to version 9.1.2312.208 or later.
For Splunk Cloud Platform versions prior to 9.1.2308.214, update to version 9.1.2308.214 or later.

Fix

RCE

Weakness Enumeration

Related Identifiers

BDU:2025-03527
CVE-2025-20227

Affected Products

Splunk Cloud Platform
Splunk Enterprise