CVE-2025-20388
BaseFortify
Publication date: 2025-12-03
Last updated on: 2025-12-05
Assigner: Cisco Systems, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| splunk | splunk | From 9.2.0 (inc) to 9.2.10 (exc) |
| splunk | splunk | From 9.3.0 (inc) to 9.3.8 (exc) |
| splunk | splunk | From 9.4.0 (inc) to 9.4.6 (exc) |
| splunk | splunk | 10.0.0 |
| splunk | splunk_cloud_platform | From 9.3.2411 (inc) to 9.3.2411.116 (exc) |
| splunk | splunk_cloud_platform | From 10.0.2503 (inc) to 10.0.2503.6 (exc) |
| splunk | splunk_cloud_platform | From 10.1.2507 (inc) to 10.1.2507.4 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-918 | The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in certain versions of Splunk Enterprise and Splunk Cloud Platform where a user with a high privilege role containing the capability 'change_authentication' can enumerate internal IP addresses and network ports when adding new search peers to a Splunk search head in a distributed environment.
How can this vulnerability impact me? :
The vulnerability allows a privileged user to discover internal network details such as IP addresses and ports, which could potentially aid in further network reconnaissance or targeted attacks within the environment.