CVE-2025-20388

CWE-918 — Server-Side Request Forgery (SSRF)CWE-401 — Memory Leak4 documents4 sources

Severity

2.7LOW

EPSS

0.1%

top 84.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Splunk Splunk Cloud Platform Splunk Splunk Enterprise Splunk Splunk

Timeline

PublishedDec 3

Description

In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.7, and 9.3.2411.116, a user who holds a role that contains the high privilege capability `change_authentication` could enumerate internal IP addresses and network ports when adding new search peers to a Splunk search head in a distributed environment.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:NExploitability: 1.2 | Impact: 1.4

Affected Packages4 packages

▶CVEListV5splunk/splunk_cloud_platform10.1.2507 — 10.1.2507.4+2

▶NVDsplunk/splunk_cloud_platform9.3.2411 — 9.3.2411.116+2

▶CVEListV5splunk/splunk_enterprise10.0 — 10.0.1+3

▶NVDsplunk/splunk9.2.0 — 9.2.10+3

🔴Vulnerability Details

CVEList

Blind Server Side Request Forgery (SSRF) through Distributed Search Peers in Splunk Enterprise↗2025-12-03

▶

GHSA

GHSA-c3c6-ggqg-7crv: In Splunk Enterprise versions below 10↗2025-12-03

▶

📋Vendor Advisories

Microsoft

xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.↗2020-01-14

▶