Splunk Secure Gateway
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Splunk Secure Gateway.
By the Year
In 2026 there have been 0 vulnerabilities in Splunk Secure Gateway. Last year, in 2025 Splunk Secure Gateway had 4 security vulnerabilities published. Right now, Splunk Secure Gateway is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 4 | 5.20 |
It may take a day or so for new Splunk Secure Gateway vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Splunk Secure Gateway Security Vulnerabilities
Splunk Enterprise <=10.0.2 Low-Priv DoS via Secure Gateway 'label'
CVE-2025-20389
4.3 - Medium
- December 03, 2025
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and versions below 3.9.10, 3.8.58 and 3.7.28 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the `label` column field after adding a new device in the Splunk Secure Gateway app. This could potentially lead to a client-side denial of service (DoS).
Improper Input Validation
Low-privileged Users Leak Alert Data via Push Notifications in Splunk <10.0.2
CVE-2025-20383
4.3 - Medium
- December 03, 2025
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58, and 3.7.28 of Splunk Secure Gateway app in Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles and subscribes to mobile push notifications could receive notifications that disclose the title and description of the report or alert even if they do not have access to view the report or alert.
Information Disclosure
Splunk SG KVStore Low-Priv Edit Pre-9.4.1 (CVE-2025-20230)
CVE-2025-20230
6.5 - Medium
- March 26, 2025
In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the admin or power Splunk roles could edit and delete other user data in App Key Value Store (KVStore) collections that the Splunk Secure Gateway app created. This is due to missing access control and incorrect ownership of the data in those KVStore collections.<br><br>In the affected versions, the `nobody` user owned the data in the KVStore collections. This meant that there was no specific owner assigned to the data in those collections.
Authorization
Splunk Enterprise <9.4.1 Privilege Escalation via Search Using Higher-Priv Account
CVE-2025-20231
5.7 - Medium
- March 26, 2025
In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the admin or power Splunk roles could run a search using the permissions of a higher-privileged user that could lead to disclosure of sensitive information.<br><br>The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The authenticated low-privileged user should not be able to exploit the vulnerability at will.
Insertion of Sensitive Information into Log File
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Splunk Secure Gateway or by Splunk? Click the Watch button to subscribe.
