VDB

GCVE-110-NCSC-2025-99

GCVE-110-NCSC-2025-99
Advisory PublishedCVSS 5.7/10
Vulnetix · Advisory published March 27, 2025
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Weaknesses (CWE)

CWE-200Exposure of Sensitive Information to an Unauthorized ActorCWE-20Improper Input ValidationCWE-352Cross-Site Request Forgery (CSRF)CWE-284Improper Access ControlCWE-532Insertion of Sensitive Information into Log FileCWE-732Incorrect Permission Assignment for Critical Resource

Risk Scores

CVSS 3.1
5.7/10
Medium · CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Affected Products

VendorProductVersionsPlatforms
Splunkvers:unknown/9.2|<9.2.5
Splunkvers:unknown/9.1.2312|<9.1.2312.208
Splunkvers:unknown/9.4|<9.4.1
Splunkvers:unknown/3.8|<3.8.38
Splunkvers:unknown/3.7|<3.7.23
Splunkvers:unknown/9.1|<9.1.8
Splunkvers:unknown/unknown
Splunkvers:unknown/9.3|<9.3.3
Splunkvers:unknown/9.3.2408|<9.3.2408.107
Splunkvers:unknown/9.2.2406|<9.2.2406.113

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

73,161 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›