CNNVD-202512-379 Information
CNNVD ID
CNNVD-202512-379
Related CVE
- CNNVD Published: 2025-12-03
Description (Chinese)
Splunk Cloud Platform和Splunk Enterprise都是美国Splunk公司的产品。Splunk Cloud Platform是一个强大的数据收集、处理和分析服务。Splunk Enterprise是一套数据收集分析软件。 Splunk Cloud Platform和Splunk Enterprise存在信息泄露漏洞,该漏洞源于低权限用户可接收未授权访问的报告或警报通知,可能导致信息泄露。
Description (English)
Splunk Cloud Platform and Splunk Enterprise are products of the United States company Splunk. Splung Cloud Platform is a powerful data collection, processing and analysis service. Splung Enterprise is a data collection and analysis software. Splung Cloud Platform and Splunk Enterprise have a leaking loophole, which stems from the fact that low-authorized users can receive unauthorized reports or alerts, which may lead to a leak.
Hazard Level
High
Vulnerability Type
信息泄露
Affected Vendor
Splunk
Published
2025-12-03
Last Modified
2026-02-24
References
https://advisory.splunk.com/advisories/SVD-2025-1202 https://vigilance.fr/vulnerability/Splunk-Enterprise-information-disclosure-via-Push-Notifications-48966
Patch
https://www.splunk.com/en_us/products/splunk-enterprise.html
Share on: