Splunk has disclosed six critical security vulnerabilities affecting multiple versions of Splunk Enterprise and Splunk Cloud Platform, mainly involving JavaScript execution, server-side request forgery (SSRF), and server-side issues. Immediate upgrades and certain mitigation steps are recommended to protect against potential exploitation.
Key points
- Six critical vulnerabilities have been identified in Splunk Enterprise and Cloud Platform.
- Two cross-site scripting (XSS) flaws can be exploited by low-privileged users to execute malicious JavaScript.
- A serious SSRF vulnerability (CVE-2025-20371) can lead to unauthorized REST API calls under specific conditions.
- A DoS vulnerability can be triggered by LDAP requests from privileged users, causing a server restart.
- Splunk recommends upgrading to fixed versions and applying mitigations such as disabling Splunk Web.
Read More: https://thecyberexpress.com/critical-splunk-vulnerabilities/