CVE-2025-20227

In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions below 9.3.2408.107, 9.2.2406.112, 9.2.2403.115, 9.1.2312.208 and 9.1.2308.214, a low-privileged user that does not hold the "admin" or "power" Splunk roles could bypass the external content warning modal dialog box in Dashboard Studio dashboards which could lead to an information disclosure.

Published: Mar 26, 2025
Updated: May 4, 2025
CVE: CVE-2025-20227
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
splunk / splunk	9.2.0	9.2.4
splunk / splunk	9.1.0	9.1.8
splunk / splunk	9.3.0	9.3.3
splunk / splunk	9.4.0	9.4.0.x
splunk / splunk_cloud_platform	9.1.2312	9.1.2312.208
splunk / splunk_cloud_platform	9.1.2308	9.1.2308.214
splunk / splunk_cloud_platform	9.2.2403	9.2.2403.115
splunk / splunk_cloud_platform	9.2.2406.100	9.2.2406.113
splunk / splunk_cloud_platform	9.3.2408.100	9.3.2408.107

https://advisory.splunk.com/advisories/SVD-2025-0306

Vulnerability Database

CVE-2025-20227