Splunk Products Multiple Vulnerabilities

Release Date: 9 Jul 2025

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

Multiple vulnerabilities were identified in Splunk products. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, security restriction bypass, remote code execution, denial of service condition and elevation of privilege on the targeted system.

---

Impact

• Elevation of Privilege
• Security Restriction Bypass
• Information Disclosure
• Remote Code Execution
• Denial of Service

---

System / Technologies affected

• Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10
• Splunk Cloud Platform versions below 9.3.2411.107, 9.3.2408.117 and 9.2.2406.119

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

• https://advisory.splunk.com/advisories/SVD-2025-0702
• https://advisory.splunk.com/advisories/SVD-2025-0703
• https://advisory.splunk.com/advisories/SVD-2025-0704
• https://advisory.splunk.com/advisories/SVD-2025-0705
• https://advisory.splunk.com/advisories/SVD-2025-0706
• https://advisory.splunk.com/advisories/SVD-2025-0707
• https://advisory.splunk.com/advisories/SVD-2025-0708
• https://advisory.splunk.com/advisories/SVD-2025-0709

---

Vulnerability Identifier

• CVE-2025-20300
• CVE-2025-20319
• CVE-2025-20320
• CVE-2025-20321
• CVE-2025-20322
• CVE-2025-20323
• CVE-2025-20324
• CVE-2025-20325

---

Source

• Splunk

---

Related Link

• https://advisory.splunk.com/advisories/SVD-2025-0702
• https://advisory.splunk.com/advisories/SVD-2025-0703
• https://advisory.splunk.com/advisories/SVD-2025-0704
• https://advisory.splunk.com/advisories/SVD-2025-0705
• https://advisory.splunk.com/advisories/SVD-2025-0706
• https://advisory.splunk.com/advisories/SVD-2025-0707
• https://advisory.splunk.com/advisories/SVD-2025-0708
• https://advisory.splunk.com/advisories/SVD-2025-0709