CVE-2025-22621

In versions 1.0.67 and lower of the Splunk App for SOAR, the Splunk documentation for that app recommended adding the `admin_all_objects` capability to the `splunk_app_soar` role. This addition could lead to improper access control for a low-privileged user that does not hold the "admin" Splunk roles.

Configurations

No configuration.

History

15 Jan 2025, 17:15

| Type | Values Removed | Values Added |
|---|---|---|
| Summary | | (es) In versions 1.0.67 and earlier of the Splunk App for SOAR, the Splunk documentation for that application recommended adding the `admin_all_objects` capability to the `splunk_app_soar` role. This addition could result in inadequate access control for a low-privileged user who does not hold the Splunk "administrator" role. |
| Summary | (en) In versions 1.0.67 and lower of the Splunk App for SOAR, the Splunk documentation for that app recommended adding the `admin_all_objects` capability to the `splunk_app_soar` role. This addition could lead to improper access control for a low-privileged user that does not hold the “admin“ Splunk roles. | (en) In versions 1.0.67 and lower of the Splunk App for SOAR, the Splunk documentation for that app recommended adding the `admin_all_objects` capability to the `splunk_app_soar` role. This addition could lead to improper access control for a low-privileged user that does not hold the "admin" Splunk roles. |

07 Jan 2025, 17:15

| Type | Values Removed | Values Added |
|---|---|---|
| New CVE | | |

Information

Published : 2025-01-07 17:15

Updated : 2025-01-15 17:15


NVD link : CVE-2025-22621

Mitre link : CVE-2025-22621

CVE.ORG link : CVE-2025-22621

Products Affected

No product.

CWE

CWE-269: Improper Privilege Management