cvedb.io
CVE-2025-22621
MEDIUM · CVSS 6.4
EPSS exploitation probability: 0%
Published 2025-01-07T17:15:35.710 · Last modified 2026-06-17T08:48:46.670

Summary

In versions 1.0.67 and lower of the Splunk App for SOAR, the Splunk documentation for that app recommended adding the `admin_all_objects` capability to the `splunk_app_soar` role. This addition could lead to improper access control for a low-privileged user that does not hold the "admin" Splunk roles.

Does this affect you?

Add your gear to cvedb and we'll alert you only when a vendor you run ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.