CNNVD-202507-753 Information

CNNVD ID

CNNVD-202507-753

Related CVE

CVE-2025-20321

• CNNVD Published: 2025-07-07

Description (Chinese)

Splunk Cloud Platform和Splunk Enterprise都是美国Splunk公司的产品。Splunk Cloud Platform是一个强大的数据收集、处理和分析服务。Splunk Enterprise是一套数据收集分析软件。 Splunk Enterprise和Splunk Cloud Platform存在跨站请求伪造漏洞，该漏洞源于跨站请求伪造，可能导致搜索头集群成员状态变更。以下产品及版本受到影响:Splunk Enterprise 9.4.3、9.3.5、9.2.7和9.1.10之前版本和Splunk Cloud Platform 9.3.2411.104、9.3.2408.114和9.2.2406.119之前版本。

Description (English)

Splunk Cloud Platform and Splunk Enterprise are products of the United States company Splunk. Splung Cloud Platform is a powerful data collection, processing and analysis service. Splung Enterprise is a data collection and analysis software. Splunk Enterprise and Splunk Cloud Platform have cross-site requests for forgery, which stems from cross-site requests for forgery and may lead to a change in the status of the search head group members. The following products and versions were affected: Splung Enterprise 9.4.3, 9.3.5, 9.2.7 and 9.1.10 pre-versions and Splung Cloud Platform 9.3.2411.104, 9.3.2408.114 and 9.2.2406.119 pre-versions.

Hazard Level

High

Vulnerability Type

跨站请求伪造

Affected Vendor

视博网讯

Published

2025-07-07

Last Modified

2026-02-24

References

https://advisory.splunk.com/advisories/SVD-2025-0704

Patch

https://advisory.splunk.com/advisories/SVD-2025-0704