3 matches found
CVE-2025-22621 Privilege escalation for users who hold the “splunk_app_soar“ role in the Splunk App for SOAR
In versions 1.0.67 and lower of the Splunk App for SOAR, the Splunk documentation for that app recommended adding the adminallobjects capability to the splunkappsoar role. This addition could lead to improper access control for a low-privileged user that does not hold the "admin" Splunk roles...
CVE-2025-22621
CVE-2025-22621 affects Splunk App for SOAR, versions 1.0.67 and lower. The root cause is a documentation-guided addition of the admin_all_objects capability to the splunk_app_soar role, potentially granting high-privilege access to a low-privileged user and compromising access control. The CVE is...
CVE-2025-22621 Privilege escalation for users who hold the “splunk_app_soar“ role in the Splunk App for SOAR
In versions 1.0.67 and lower of the Splunk App for SOAR, the Splunk documentation for that app recommended adding the adminallobjects capability to the splunkappsoar role. This addition could lead to improper access control for a low-privileged user that does not hold the "admin" Splunk roles...