SB2025120435 - Multiple vulnerabilities in Splunk Enterprise and Splunk Secure Gateway 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025120435

SB2025120435 - Multiple vulnerabilities in Splunk Enterprise and Splunk Secure Gateway

Published: December 4, 2025

Security Bulletin ID SB2025120435
Severity
Low
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Information disclosure

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Improper access control (CVE-ID: CVE-2025-20383)

The vulnerability allows a remote user to gain unauthorized access to sensitive information.

The vulnerability exists due to improper access restrictions. A remote user can subscribe to mobile push notifications and receive notifications that disclose the title and description of the report or alert even if they do not have access to view the report or alert.


2) Input validation error (CVE-ID: CVE-2025-20389)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in the "label" column field in Splunk Secure Gateway App. A remote user can pass a malicious payload through the label column field after adding a new device in the Splunk Secure Gateway app and perform a denial of service attack.


Remediation

Install update from vendor's website.

References