PT-2025-48957 · Splunk · Splunk Cloud Platform, Splunk Enterprise
Published: 2025-12-03 · Updated: 2025-12-05 · CVE-2025-20385
CVSS v3.1: 4.8 (Medium)
Vector: AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Splunk Enterprise versions prior to 10.0.2, 9.4.6, 9.3.8, and 9.2.10
Splunk Cloud Platform versions prior to 10.1.2507.6, 10.0.2503.7, and 9.3.2411.117
Description
A user with the admin_all_objects capability could potentially execute unauthorized JavaScript code in a user's browser. This is possible by crafting a malicious payload through the href attribute of an anchor tag within a collection in the navigation bar.
Recommendations
Update Splunk Enterprise to version 10.0.2 or later.
Update Splunk Enterprise to version 9.4.6 or later.
Update Splunk Enterprise to version 9.3.8 or later.
Update Splunk Enterprise to version 9.2.10 or later.
Update Splunk Cloud Platform to version 10.1.2507.6 or later.
Update Splunk Cloud Platform to version 10.0.2503.7 or later.
Update Splunk Cloud Platform to version 9.3.2411.117 or later.
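Alongside patching, existing navigation definitions can be audited for the pattern in the description. The script below is an added example, not code from Splunk or from this advisory: it lists anchors inside collections whose href uses a URL scheme outside an allowlist. The nav XML layout (an app's data/ui/nav/default.xml), the sample file and the allowlist are assumptions.

```python
import re
import xml.etree.ElementTree as ET

# Schemes a nav link may use (assumption: local review policy, not a Splunk rule).
ALLOWED_SCHEMES = {"http", "https", "mailto"}
# Characters browsers ignore at the start of a URL (C0 controls and space).
LEADING_JUNK = "".join(map(chr, range(0x21)))

# Constructed sample of an app navigation file; not taken from a real deployment.
SAMPLE_NAV = """<nav search_view="search">
  <view name="search" default="true"/>
  <collection label="Links">
    <a href="https://docs.example.com/runbook">Runbook</a>
    <a href="/app/search/reports">Reports</a>
    <a href=" JavaScript:void(0)">Help</a>
    <collection label="More">
      <a href="data:text/html,placeholder">Status</a>
    </collection>
  </collection>
</nav>"""

def href_scheme(href):
    """Return the lower-cased scheme as a browser would parse it, or None if relative."""
    # Browsers also drop tab, CR and LF anywhere in a URL before parsing it.
    cleaned = re.sub(r"[\t\r\n]", "", href.lstrip(LEADING_JUNK))
    match = re.match(r"([A-Za-z][A-Za-z0-9+.\-]*):", cleaned)
    return match.group(1).lower() if match else None

def audit_nav(xml_text):
    """Return (collection label, link text, scheme) for each anchor to review."""
    findings = []
    root = ET.fromstring(xml_text)
    for coll in root.iter("collection"):   # includes nested collections
        for a in coll.findall("a"):        # direct children, so each link reports once
            scheme = href_scheme(a.get("href", ""))
            if scheme is not None and scheme not in ALLOWED_SCHEMES:
                findings.append((coll.get("label"), (a.text or "").strip(), scheme))
    return findings

if __name__ == "__main__":
    for label, text, scheme in audit_nav(SAMPLE_NAV):
        print(f"review: collection={label!r} link={text!r} scheme={scheme}:")
```

Relative links and allowlisted schemes pass; anything else is surfaced for manual review rather than judged malicious automatically.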
Fix
XSS
Affected Products
Splunk Cloud Platform
Splunk Enterprise