CVE-2025-20300

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.4.2 Splunk Enterprise versions prior to 9.3.5 Splunk Enterprise versions prior to 9.2.6 Splunk Enterprise versions prior to 9.1.9 Splunk Cloud Platform versions prior to 9.3.2411.103 Splunk Cloud Platform versions prior to 9.3.2408.112 Splunk Cloud Platform versions prior to 9.2.2406.119

Description: A low-privileged user without the "admin" or "power" Splunk roles, but with read-only access to a specific alert, could suppress that alert when it triggers.

Recommendations: For Splunk Enterprise versions prior to 9.4.2, update to version 9.4.2 or later. For Splunk Enterprise versions prior to 9.3.5, update to version 9.3.5 or later. For Splunk Enterprise versions prior to 9.2.6, update to version 9.2.6 or later. For Splunk Enterprise versions prior to 9.1.9, update to version 9.1.9 or later. For Splunk Cloud Platform versions prior to 9.3.2411.103, update to version 9.3.2411.103 or later. For Splunk Cloud Platform versions prior to 9.3.2408.112, update to version 9.3.2408.112 or later. For Splunk Cloud Platform versions prior to 9.2.2406.119, update to version 9.2.2406.119 or later.