Improper Access Control in Background Job Submission in Splunk Enterprise_CVE-2025-20366

{
    "lastseen": "",
    "description": "In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.111, 9.3.2408.119, and 9.2.2406.122, a low-privileged user that does not hold the admin or power Splunk roles could access sensitive search results if Splunk Enterprise runs an administrative search job in the background. If the low privileged user guesses the search job\u2019s unique Search ID (SID), the user could retrieve the results of that job, potentially exposing sensitive search results. For more information see https://help.splunk.com/en/splunk-enterprise/search/search-manual/10.0/manage-jobs/about-jobs-and-job-management and https://help.splunk.com/en/splunk-enterprise/search/search-manual/10.0/manage-jobs/manage-search-jobs.",
    "published": "2025-10-01T16:07:56.027Z",
    "modified": "2025-10-01T16:07:56.027Z",
    "type": "cve",
    "title": "Improper Access Control in Background Job Submission in Splunk Enterprise",
    "source": "cisco",
    "references": "https://advisory.splunk.com/advisories/SVD-2025-1001",
    "id": "CVE-2025-20366",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "Splunk Splunk Enterprise 10.0\nSplunk Splunk Enterprise 9.4\nSplunk Splunk Enterprise 9.3\nSplunk Splunk Enterprise 9.2\nSplunk Splunk Cloud Platform 9.3.2411\nSplunk Splunk Cloud Platform 9.3.2408\nSplunk Splunk Cloud Platform 9.2.2406",
    "sourceHref": "",
    "cvss": {
        "score": 6.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Splunk Enterprise",
    "version": "10.0",
    "vendor": "Splunk",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}