CVE-2025-22621
6.4
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
Summary
In versions 1.0.67 and lower of the Splunk App for SOAR, the Splunk documentation for that app recommended adding the admin_all_objects capability to the splunk_app_soar role. This addition could lead to improper access control for a low-privileged user that does not hold the "admin" Splunk roles.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Splunk | Splunk App for SOAR | 1.0 < 1.0.71 | affected |
Weaknesses
- CWE-269: The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.