5.3

CVE-2025-20384

Medienbericht

EPSS 0.12%
Veröffentlicht 03.12.2025 17:00:34
Zuletzt bearbeitet 05.12.2025 18:14:07
Quelle psirt@cisco.com
CVE-Watchlists
Login
Unerledigt
Login

Unauthenticated Log Injection in Splunk Enterprise

In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.6, and 9.3.2411.117.125, an unauthenticated attacker can inject American National Standards Institute (ANSI) escape codes into Splunk log files due to improper validation at the /en-US/static/ web endpoint. This may allow them to poison, forge, or obfuscate sensitive log data through specially crafted HTTP requests, potentially impacting log integrity and detection capabilities.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

NVD 7 VulnDex Vulnerability Enrichment 2

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Splunk ≫ Splunk SwEditionenterprise Version >= 9.2.0 < 9.2.10

Splunk ≫ Splunk SwEditionenterprise Version >= 9.3.0 < 9.3.8

Splunk ≫ Splunk SwEditionenterprise Version >= 9.4.0 < 9.4.6

Splunk ≫ Splunk Version10.0.0 SwEditionenterprise

Splunk ≫ Splunk Cloud Platform Version >= 9.3.2411 < 9.3.2411.117

Splunk ≫ Splunk Cloud Platform Version >= 10.0.2503 < 10.0.2503.6

Splunk ≫ Splunk Cloud Platform Version >= 10.1.2507 < 10.1.2507.4

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.12%	0.303

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
psirt@cisco.com	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-117 Improper Output Neutralization for Logs

The product does not neutralize or incorrectly neutralizes output that is written to logs.

https://www.heise.de/news/Sicherheitspatches-Splunk-Unberechtigte-Zugriffe-moeglich-11102291.html

Media Report

https://advisory.splunk.com/advisories/SVD-2025-1203

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-20384

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-20384

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-20384

EUVD