CNNVD-202512-381 Information
Dec 03, 2025
cve
CNNVD ID
CNNVD-202512-381
Related CVE
- CNNVD Published: 2025-12-03
Description (Chinese)
Splunk MCP Server是美国Splunk公司的一个多云平台服务器。 Splunk MCP Server 0.2.4之前版本存在安全漏洞,该漏洞源于run_splunk_query工具可绕过SPL命令允许列表控制,可能导致未授权操作。
Description (English)
Splunk MCP Server is a cloudy platform server for the United States company Splunk. There is a security loophole in the preSplunk MCP Server 0.2.4 version, which stems from the fact that the run splunk query tool can circumvent the SPL command to allow list control and may lead to unauthorized operations.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Splunk
Published
2025-12-03
Last Modified
2026-02-24
References
https://advisory.splunk.com/advisories/SVD-2025-1210
Patch
https://splunkbase.splunk.com/app/6211
Share on: