CNNVD-202507-750 Information

CNNVD ID

CNNVD-202507-750

Related CVE

CVE-2025-20319

• CNNVD Published: 2025-07-07

Description (Chinese)

Splunk Enterprise是美国Splunk公司的一套数据收集分析软件。 Splunk Enterprise存在操作系统命令注入漏洞，该漏洞源于输入清理不当，可能导致远程命令执行。以下版本受到影响：9.4.3、9.3.5、9.2.7和9.1.10之前版本。

Description (English)

Splunk Enterprise is a data collection and analysis software for the United States company Splunk. Splunk Enterprise has a bug in the operating system command, which stems from inappropriate input clean-up and may lead to remote command execution. The following versions were affected: before 9.4.3, 9.3.5, 9.2.7 and 9.1.10.

Hazard Level

High

Vulnerability Type

操作系统命令注入

Affected Vendor

视博网讯

Published

2025-07-07

Last Modified

2026-02-24

References

https://advisory.splunk.com/advisories/SVD-2025-0702

Patch

https://advisory.splunk.com/advisories/SVD-2025-0702