CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-20227

In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions below 9.3.2408.107, 9.2.2406.112, 9.2.2403.115, 9.1.2312.208 and 9.1.2308.214, a low-privileged user that does not hold the "admin" or "power" Splunk roles could bypass the external content warning modal dialog box in Dashboard Studio dashboards which could lead to an information disclosure.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 24.4%

CVSS Severity

CVSS v3 Score 4.3

References

https://advisory.splunk.com/advisories/SVD-2025-0306

Products affected by CVE-2025-20227

Splunk » Splunk » Version: 9.1.0

cpe:2.3:a:splunk:splunk:9.1.0
Splunk » Splunk » Version: 9.1.0.1

cpe:2.3:a:splunk:splunk:9.1.0.1
Splunk » Splunk » Version: 9.1.0.2

cpe:2.3:a:splunk:splunk:9.1.0.2
Splunk » Splunk » Version: 9.1.1

cpe:2.3:a:splunk:splunk:9.1.1
Splunk » Splunk » Version: 9.1.2

cpe:2.3:a:splunk:splunk:9.1.2
Splunk » Splunk » Version: 9.1.3

cpe:2.3:a:splunk:splunk:9.1.3
Splunk » Splunk » Version: 9.1.4

cpe:2.3:a:splunk:splunk:9.1.4
Splunk » Splunk » Version: 9.1.5

cpe:2.3:a:splunk:splunk:9.1.5
Splunk » Splunk » Version: 9.1.6

cpe:2.3:a:splunk:splunk:9.1.6
Splunk » Splunk » Version: 9.1.7

cpe:2.3:a:splunk:splunk:9.1.7
Splunk » Splunk » Version: 9.2.0

cpe:2.3:a:splunk:splunk:9.2.0
Splunk » Splunk » Version: 9.2.1

cpe:2.3:a:splunk:splunk:9.2.1
Splunk » Splunk » Version: 9.2.2

cpe:2.3:a:splunk:splunk:9.2.2
Splunk » Splunk » Version: 9.2.3

cpe:2.3:a:splunk:splunk:9.2.3
Splunk » Splunk » Version: 9.3.0

cpe:2.3:a:splunk:splunk:9.3.0
Splunk » Splunk » Version: 9.3.1

cpe:2.3:a:splunk:splunk:9.3.1
Splunk » Splunk » Version: 9.3.2

cpe:2.3:a:splunk:splunk:9.3.2
Splunk » Splunk » Version: 9.4.0

cpe:2.3:a:splunk:splunk:9.4.0
Splunk » Splunk Cloud Platform » Version: 9.1.2308

cpe:2.3:a:splunk:splunk_cloud_platform:9.1.2308
Splunk » Splunk Cloud Platform » Version: 9.1.2308.207

cpe:2.3:a:splunk:splunk_cloud_platform:9.1.2308.207
Splunk » Splunk Cloud Platform » Version: 9.1.2312

cpe:2.3:a:splunk:splunk_cloud_platform:9.1.2312
Splunk » Splunk Cloud Platform » Version: 9.1.2312.100

cpe:2.3:a:splunk:splunk_cloud_platform:9.1.2312.100
Splunk » Splunk Cloud Platform » Version: 9.1.2312.108

cpe:2.3:a:splunk:splunk_cloud_platform:9.1.2312.108
Splunk » Splunk Cloud Platform » Version: 9.1.2312.109

cpe:2.3:a:splunk:splunk_cloud_platform:9.1.2312.109
Splunk » Splunk Cloud Platform » Version: 9.1.2312.206

cpe:2.3:a:splunk:splunk_cloud_platform:9.1.2312.206
Splunk » Splunk Cloud Platform » Version: 9.2.2403

cpe:2.3:a:splunk:splunk_cloud_platform:9.2.2403
Splunk » Splunk Cloud Platform » Version: 9.2.2403.100

cpe:2.3:a:splunk:splunk_cloud_platform:9.2.2403.100
Splunk » Splunk Cloud Platform » Version: 9.2.2403.108

cpe:2.3:a:splunk:splunk_cloud_platform:9.2.2403.108
Splunk » Splunk Cloud Platform » Version: 9.2.2403.109

cpe:2.3:a:splunk:splunk_cloud_platform:9.2.2403.109
Splunk » Splunk Cloud Platform » Version: 9.2.2403.111

cpe:2.3:a:splunk:splunk_cloud_platform:9.2.2403.111
Splunk » Splunk Cloud Platform » Version: 9.2.2406.100

cpe:2.3:a:splunk:splunk_cloud_platform:9.2.2406.100
Splunk » Splunk Cloud Platform » Version: 9.2.2406.106

cpe:2.3:a:splunk:splunk_cloud_platform:9.2.2406.106
Splunk » Splunk Cloud Platform » Version: 9.2.2406.107

cpe:2.3:a:splunk:splunk_cloud_platform:9.2.2406.107
Splunk » Splunk Cloud Platform » Version: 9.3.2408.101

cpe:2.3:a:splunk:splunk_cloud_platform:9.3.2408.101

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-20227

Products

Pricing

Contact Us