Splunk Secure Gateway
cpe:2.3:a:splunk:splunk_secure_gateway:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Splunk (0f7ef08f-e3f5-59a4-ba5f-26afb7835b46) |
|---|---|
| Product | Splunk Secure Gateway (4666e5cb-2285-5b6c-a87a-d0972bafe8a7) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | | |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
| CVE:CVE-2025-20389 | vulnerable | 2026-06-03 14:59:14.793299 | Improper Input Validation in "label" column field in Splunk Secure Gateway App<br>MEDIUM (4.3)<br>In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and versions below 3.9.10, 3.8.58 and 3.7.28 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the `label` column field after adding a new device in the Splunk Secure Gateway app. This could potentially lead to a client-side denial of service (DoS).<br>Published: 2025-12-03T17:00:55.364Z<br>Updated: 2025-12-03T21:37:01.207Z | Imported from gcve-enriched-dumps CVE data |
| CVE:CVE-2025-20383 | vulnerable | 2026-06-03 14:59:14.790427 | Improper access control through push notifications for reports and alerts in Splunk Secure Gateway app<br>MEDIUM (4.3)<br>In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58, and 3.7.28 of Splunk Secure Gateway app in Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles and subscribes to mobile push notifications could receive notifications that disclose the title and description of the report or alert even if they do not have access to view the report or alert.<br>Published: 2025-12-03T17:00:36.414Z<br>Updated: 2025-12-03T21:33:17.908Z | Imported from gcve-enriched-dumps CVE data |
| CVE:CVE-2025-20231 | vulnerable | 2026-06-03 14:59:13.818709 | Sensitive Information Disclosure in Splunk Secure Gateway App<br>HIGH (7.1)<br>In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin” or “power” Splunk roles could run a search using the permissions of a higher-privileged user that could lead to disclosure of sensitive information.<br><br>The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The authenticated low-privileged user should not be able to exploit the vulnerability at will.<br>Published: 2025-03-26T21:45:41.250Z<br>Updated: 2026-02-26T19:09:10.032Z | Imported from gcve-enriched-dumps CVE data |
| CVE:CVE-2025-20230 | vulnerable | 2026-06-03 14:59:13.818086 | Missing Access Control and Incorrect Ownership of Data in App Key Value Store (KVStore) collections in the Splunk Secure Gateway App<br>MEDIUM (4.3)<br>In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin” or “power” Splunk roles could edit and delete other user data in App Key Value Store (KVStore) collections that the Splunk Secure Gateway app created. This is due to missing access control and incorrect ownership of the data in those KVStore collections.<br><br>In the affected versions, the `nobody` user owned the data in the KVStore collections. This meant that there was no specific owner assigned to the data in those collections.<br>Published: 2025-03-26T22:24:15.510Z<br>Updated: 2025-03-27T13:48:35.678Z | Imported from gcve-enriched-dumps CVE data |
| CVE:CVE-2024-53247 | vulnerable | 2026-06-03 14:57:39.513144 | Remote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway app<br>HIGH (8.8)<br>In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7, and versions below 3.4.261 and 3.7.13 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin” or “power” Splunk roles could perform a Remote Code Execution (RCE).<br>Published: 2024-12-10T18:00:24.359Z<br>Updated: 2025-02-28T11:03:41.947Z | Imported from gcve-enriched-dumps CVE data |
| CVE:CVE-2024-53243 | vulnerable | 2026-06-03 14:57:39.509310 | Information Disclosure in Mobile Alert Responses in Splunk Secure Gateway<br>MEDIUM (4.3)<br>In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and versions below 3.2.462, 3.7.18, and 3.8.5 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin” or “power” Splunk roles could see alert search query responses using Splunk Secure Gateway App Key Value Store (KVstore) collections endpoints due to improper access control.<br>Published: 2024-12-10T18:00:49.236Z<br>Updated: 2025-02-28T11:03:42.526Z | Imported from gcve-enriched-dumps CVE data |
| CVE:CVE-2024-45735 | vulnerable | 2026-06-03 14:56:58.590570 | Improper Access Control for low-privileged user in Splunk Secure Gateway App<br>MEDIUM (4.3)<br>In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key Value Store (KV Store) deployment configuration and public/private keys in the Splunk Secure Gateway App.<br>Published: 2024-10-14T16:45:54.667Z<br>Updated: 2025-02-28T11:03:52.049Z | Imported from gcve-enriched-dumps CVE data |