{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T00:25:39.146","vulnerabilities":[{"cve":{"id":"CVE-2025-20319","sourceIdentifier":"psirt@cisco.com","published":"2025-07-07T18:15:25.830","lastModified":"2025-07-21T20:58:20.670","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a user who holds a role that contains the high-privilege capability `edit_scripted` and `list_inputs` capability , could perform a remote command execution due to improper user input sanitization on the scripted input files.<br><br>See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities) and [Setting up a scripted input ](https://docs.splunk.com/Documentation/Splunk/9.4.2/AdvancedDev/ScriptSetup)for more information."},{"lang":"es","value":"En las versiones de Splunk Enterprise anteriores a 9.4.3, 9.3.5, 9.2.7 y 9.1.10, un usuario que tenga un rol que contenga la capacidad de alto privilegio `edit_scripted` y la capacidad `list_inputs` podría realizar una ejecución remota de comandos debido a una depuración incorrecta de la entrada del usuario en los archivos de entrada con capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities) and [Setting up a scripted input ](https://docs.splunk.com/Documentation/Splunk/9.4.2/AdvancedDev/ScriptSetup)for more information. "}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.9,"impactScore":5.9}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"9.1.0","versionEndExcluding":"9.1.10","matchCriteriaId":"F363265C-BE8B-4D9E-BCD7-52D75D4454BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"9.2.0","versionEndExcluding":"9.2.7","matchCriteriaId":"16D7B94B-6E57-4462-BDB1-884E3268967D"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"9.3.0","versionEndExcluding":"9.3.5","matchCriteriaId":"2AE238E0-742D-4595-8F72-C2D7256718EA"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"9.4.0","versionEndExcluding":"9.4.3","matchCriteriaId":"6E95070D-E7E2-40F7-8282-0964FC1664F4"}]}]}],"references":[{"url":"https://advisory.splunk.com/advisories/SVD-2025-0702","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}}]}