CVE-2025-20389

In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and versions below 3.9.10, 3.8.58 and 3.7.28 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the `label` column field after adding a new device in the Splunk Secure Gateway app. This could potentially lead to a client-side denial of service (DoS).
References
Configurations

Configuration 1

OR cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:splunk:splunk_secure_gateway:*:*:*:*:*:*:*:*

History

17 Jun 2026, 08:41

Type: Summary
Values Added:
  • (es) In Splunk Enterprise versions earlier than 10.0.2, 9.4.6, 9.3.8 and 9.2.10, and in versions earlier than 3.9.10, 3.8.58 and 3.7.28 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user who does not hold the 'admin' or 'power' Splunk roles could craft a malicious payload through the 'label' column field after adding a new device in the Splunk Secure Gateway app. This could potentially lead to a client-side denial of service (DoS).

05 Dec 2025, 17:05

Type: First Time
Values Added:
  • Splunk splunk
  • Splunk splunk Secure Gateway
  • Splunk
  • Splunk splunk Cloud Platform

Type: CWE
Values Added: NVD-CWE-noinfo

Type: CPE
Values Added:
  • cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*
  • cpe:2.3:a:splunk:splunk_secure_gateway:*:*:*:*:*:*:*:*

Type: References
Values Removed: () https://advisory.splunk.com/advisories/SVD-2025-1208 -
Values Added: () https://advisory.splunk.com/advisories/SVD-2025-1208 - Vendor Advisory

03 Dec 2025, 17:15

Type: New CVE

Information

Published : 2025-12-03 17:15

Updated : 2026-06-17 08:41


NVD link : CVE-2025-20389

Mitre link : CVE-2025-20389

CVE.ORG link : CVE-2025-20389



Products Affected

splunk

  • splunk_cloud_platform
  • splunk
  • splunk_secure_gateway
CWE
CWE-20

Improper Input Validation

NVD-CWE-noinfo