Splunk Cloud Platform和Splunk Enterprise 日志信息泄露漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. Vulnerabilities regarding log...

CVE-2025-59197

Insertion of sensitive information into log file in Windows ETL Channel allows an authorized attacker to disclose information locally...

CVE-2025-20325 Sensitive Information Disclosure in the SHCConfig logging channel in Clustered Deployments in Splunk Enterprise

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.103, 9.3.2408.113, and 9.2.2406.119, the software potentially exposes the search head cluster splunk.secret key. This exposure could happen if you have a Search Head cluster and...