Main Vulnerability Database Vulnerabilities #VU119140

Improper access control in Splunk Enterprise and Splunk Secure Gateway - CVE-2025-20383

Published: December 4, 2025

Vulnerability identifier: #VU119140

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-20383

CWE-ID: CWE-284

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Splunk Inc.

Affected software:
Splunk Enterprise
Splunk Secure Gateway

Detailed vulnerability description

The vulnerability allows a remote user to gain unauthorized access to sensitive information.

The vulnerability exists due to improper access restrictions. A remote user can subscribe to mobile push notifications and receive notifications that disclose the title and description of the report or alert even if they do not have access to view the report or alert.

How to mitigate CVE-2025-20383

Install updates from vendor's website.

Sources

https://advisory.splunk.com/advisories/SVD-2025-1202

Improper access control in Splunk Enterprise and Splunk Secure Gateway - CVE-2025-20383

Detailed vulnerability description

How to mitigate CVE-2025-20383

Sources

Please verify you're human