CVE-2025-20366
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-01
Last updated on: 2025-10-08
Assigner: Cisco Systems, Inc.
Description
Description
In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.111, 9.3.2408.119, and 9.2.2406.122, a low-privileged user that does not hold the admin or power Splunk roles could access sensitive search results if Splunk Enterprise runs an administrative search job in the background. If the low privileged user guesses the search jobβs unique Search ID (SID), the user could retrieve the results of that job, potentially exposing sensitive search results. For more information see https://help.splunk.com/en/splunk-enterprise/search/search-manual/10.0/manage-jobs/about-jobs-and-job-management and https://help.splunk.com/en/splunk-enterprise/search/search-manual/10.0/manage-jobs/manage-search-jobs.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| splunk | splunk | From 9.2.0 (inc) to 9.2.8 (exc) |
| splunk | splunk | From 9.3.0 (inc) to 9.3.6 (exc) |
| splunk | splunk | From 9.4.0 (inc) to 9.4.4 (exc) |
| splunk | splunk_cloud_platform | From 9.2.2406 (inc) to 9.2.2406.122 (exc) |
| splunk | splunk_cloud_platform | From 9.3.2408 (inc) to 9.3.2408.119 (exc) |
| splunk | splunk_cloud_platform | From 9.3.2411 (inc) to 9.3.2411.111 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
