CVE-2025-20300

Published Jul 7, 2025

Last updated 10 days ago

CVSS medium 4.3

Overview

Description
In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.6, and 9.1.9 and Splunk Cloud Platform versions below 9.3.2411.103, 9.3.2408.112, and 9.2.2406.119, a low-privileged user that does not hold the "admin" or "power" Splunk roles, and has read-only access to a specific alert, could suppress that alert when it triggers. See [Define alert suppression groups to throttle sets of similar alerts](https://help.splunk.com/en/splunk-enterprise/alert-and-respond/alerting-manual/9.4/manage-alert-trigger-conditions-and-throttling/define-alert-suppression-groups-to-throttle-sets-of-similar-alerts).
Source
psirt@cisco.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Primary
Base score
4.3
Impact score
1.4
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Severity
MEDIUM

Weaknesses

psirt@cisco.com
CWE-863

Social media

Hype score
Not currently trending

  1. CVE-2025-20300 In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.6, and 9.1.9 and Splunk Cloud Platform versions below 9.3.2411.103, 9.3.2408.112, and 9.2.2406.119, a low-privil… https://t.co/1q5PIp2kZu

    @CVEnew

    7 Jul 2025

    338 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.