Splunk Enterprise Cloud vulnerabilities

5 known vulnerabilities affecting splunk/splunk_enterprise_cloud.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM4

Vulnerabilities

Page 1 of 1
CVE-2025-20370MEDIUMCVSS 4.9≥ 9.3.2411, < 9.3.2411.108≥ 9.3.2408, < 9.3.2408.118+1 more2025-10-01
CVE-2025-20370 [MEDIUM] CWE-400 CVE-2025-20370: In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versi In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118 and 9.2.2406.123, a user who holds a role that contains the high-privilege capability `change_authentication`, could send multiple LDAP bind requests to a specific internal endpoint, resulting in high server CPU us
cvelistv5nvd
CVE-2025-20320HIGHCVSS 7.3≥ 9.3.2411, < 9.3.2411.107≥ 9.3.2408, < 9.3.2408.117+1 more2025-07-07
CVE-2025-20320 [HIGH] CWE-35 CVE-2025-20320: In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versio In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.107, 9.3.2408.117, and 9.2.2406.121, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the `User Interface - Views` configuration page that could potentially lead to a d
cvelistv5nvd
CVE-2025-20324MEDIUMCVSS 5.4≥ 9.3.2411, < 9.3.2411.104≥ 9.3.2408, < 9.3.2408.113+1 more2025-07-07
CVE-2025-20324 [MEDIUM] CWE-284 CVE-2025-20324: In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.7, and 9.1.10 and Splunk Cloud Platform versio In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.7, and 9.1.10 and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create or overwrite [system source type](https://help.splunk.com/en/splunk-enterprise/get-started/get-data-in/9.2
cvelistv5nvd
CVE-2025-20322MEDIUMCVSS 4.3≥ 9.3.2411, < 9.3.2411.104≥ 9.3.2408, < 9.3.2408.113+1 more2025-07-07
CVE-2025-20322 [MEDIUM] CWE-352 CVE-2025-20322: In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versi In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, an unauthenticated attacker could send a specially-crafted SPL search command that could trigger a rolling restart in the Search Head Cluster through a Cross-Site Request Forgery (CSRF), potentia
cvelistv5nvd
CVE-2025-20321MEDIUMCVSS 4.3≥ 9.3.2411, < 9.3.2411.104≥ 9.3.2408, < 9.3.2408.114+1 more2025-07-07
CVE-2025-20321 [MEDIUM] CWE-352 CVE-2025-20321: In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versio In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.114, and 9.2.2406.119, an unauthenticated attacker can send a specially-crafted SPL search that could change the membership state in a Splunk Search Head Cluster (SHC) through a Cross-Site Request Forgery (CSRF), potent
cvelistv5nvd