CVE-2025-20321

🗓️ 07 Jul 2025 17:48:03Reported by ciscoType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 25 Views

Vulnerability in Splunk allows unauthenticated attacker to alter Search Head Cluster states via CSRF

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2025-20321	7 Jul 202519:29	–	circl
CNNVD	Splunk Cloud Platform和Splunk Enterprise 跨站请求伪造漏洞	7 Jul 202500:00	–	cnnvd
Cvelist	CVE-2025-20321 Membership State Change in Splunk Search Head Cluster through a Cross-Site Request Forgery (CSRF) in Splunk Enterprise	7 Jul 202517:48	–	cvelist
EUVD	EUVD-2025-20295	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Splunk Enterprise and Splunk Cloud Platform	8 Jul 202512:03	–	ncsc
NVD	CVE-2025-20321	7 Jul 202518:15	–	nvd
OSV	CVE-2025-20321	7 Jul 202518:15	–	osv
Positive Technologies	PT-2025-28232 · Splunk · Splunk Enterprise +1	7 Jul 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-20321	9 Jul 202518:16	–	redhatcve
Tenable Nessus	Splunk Enterprise 9.1.0 < 9.1.10, 9.2.0 < 9.2.7, 9.3.0 < 9.3.5, 9.4.0 < 9.4.3 (SVD-2025-0704)	7 Jul 202500:00	–	nessus

NVD

Node

splunk splunkRange9.1.0–9.1.10enterprise

splunk splunkRange9.2.0–9.2.7enterprise

splunk splunkRange9.3.0–9.3.5enterprise

splunk splunkRange9.4.0–9.4.3enterprise

splunk splunk_cloud_platformRange9.2.2406–9.2.2406.119

splunk splunk_cloud_platformRange9.3.2408–9.3.2408.114

splunk splunk_cloud_platformRange9.3.2411–9.3.2411.104

[
  {
    "product": "Splunk Enterprise",
    "vendor": "Splunk",
    "versions": [
      {
        "version": "9.4",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.4.3"
      },
      {
        "version": "9.3",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.3.5"
      },
      {
        "version": "9.2",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.2.7"
      },
      {
        "version": "9.1",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.1.10"
      }
    ]
  },
  {
    "product": "Splunk Enterprise Cloud",
    "vendor": "Splunk",
    "versions": [
      {
        "version": "9.3.2411",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.3.2411.104"
      },
      {
        "version": "9.3.2408",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.3.2408.114"
      },
      {
        "version": "9.2.2406",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.2.2406.119"
      }
    ]
  }
]

Source	Link
advisory	www.advisory.splunk.com/advisories/SVD-2025-0704

21 Jul 2025 20:57Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.14.3 - 6.5

EPSS0.00068

SSVC

CWE-352