Medium6.4Splunk
Splunk App: In versions 1.0.67 and lower of the Splunk App for SOAR, the Splunk documentation for that app recommended adding the…
CVE-2025-22621 Published Jan 7, 2025Updated by vendor Jun 17, 2026
CVE-2025-22621
Affected products & platforms
SplunkES / ITSI / SOAR
Summary
In versions 1.0.67 and lower of the Splunk App for SOAR, the Splunk documentation for that app recommended adding the `admin_all_objects` capability to the `splunk_app_soar` role. This addition could lead to improper access control for a low-privileged user that does not hold the "admin" Splunk roles.
Mitigation
Mitigation steps weren't captured by the parser for this advisory — this is a parsing gap, not a statement that no fix exists. Read the vendor advisory below for the authoritative guidance.
Official advisory · medium-confidence parse· fetched 2 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.