- 121/2025
- High
Splunk has released security updates to fix two vulnerabilities affecting Splunk Enterprise, Splunk Cloud Platform, and Splunk Universal Forwarder for Windows.
The addressed vulnerabilities could allow the remote attacker to conduct crosssite scripting attacks or gain access to the affected product.
The addressed vulnerabilities:
1. Incorrect Permission Assignment on Splunk Universal Forwarder for Windows Vulnerability (CVE-2025-20298):
- CVSS: 8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: Required
- Consequences: Gain Access
2. Reflected Cross-Site Scripting (XSS) on Splunk Enterprise Vulnerability (CVE- 2025-20297):
- CVSS: 4.3
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Consequences: Cross-Site Scripting
Vulnerabilities
- CVE-2025-20297
- CVE-2025-20298
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.