CVE-2025-22621

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-22621
In versions 1.0.67 and lower of the Splunk App for SOAR, the Splunk documentation for that app recommended adding the `admin_all_objects` capability to the `splunk_app_soar` role. This addition could lead to improper access control for a low-privileged user that does not hold the "admin" Splunk roles.

6.4 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://advisory.splunk.com/advisories/SVD-2025-0101
Configurations

No configuration.

History

No history.

Information

Published : 2025-01-07 17:15

Updated : 2025-01-15 17:15

NVD link : CVE-2025-22621

Mitre link : CVE-2025-22621

CVE.ORG link : CVE-2025-22621

JSON object : View

Products Affected

No product.

CWE
CWE-269

Improper Privilege Management