Description

In Splunk MCP Server app versions below 0.2.4, a user with access to the "run_splunk_query" Model Context Protocol (MCP) tool could bypass the SPL command allowlist controls in MCP by embedding SPL commands as sub-searches, leading to unauthorized actions beyond the intended MCP restrictions.

PUBLISHED Reserved 2024-10-10 | Published 2025-12-03 | Updated 2025-12-03 | Assigner cisco




MEDIUM: 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Problem types

The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
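The description and problem type above, as an added example that is not code from Splunk or the MCP Server app: an allowlist check that reads only the first word of each `|` stage, next to one that also walks into `[...]` sub-searches and rejects anything it cannot see. The allowlist, the `naive_commands` baseline and the sample queries are constructed assumptions; this page does not state how the app's check before 0.2.4 was implemented.

```python
ALLOWED = {"search", "stats", "fields", "head"}  # constructed allowlist

def naive_commands(spl):
    """Hypothetical weak check: first word of each '|' stage, brackets ignored."""
    return [s.split()[0].lower() for s in spl.split("|") if s.strip()]

def spl_commands(spl):
    """Stage-leading commands at every depth, including inside [sub-searches]."""
    cmds, word, expect = [], "", True  # expect: the next word names a command
    in_quote = escaped = False
    for ch in spl + " ":  # trailing space flushes the last word
        if in_quote:  # quoted text never starts a stage
            if escaped:
                escaped = False
            elif ch == "\\":
                escaped = True
            elif ch == '"':
                in_quote = False
            continue
        if ch.isalnum() or ch == "_":
            word += ch
            continue
        if expect and word:
            cmds.append(word.lower())
            expect = False
        elif expect and ch not in "|[" and not ch.isspace():
            cmds.append(ch)  # no command name where one is required: fail closed
            expect = False
        word = ""
        if ch == '"':
            in_quote = True
        elif ch == "`":
            cmds.append("`")  # macros expand server-side, so reject them unseen
        elif ch in "|[":
            expect = True
    return cmds

def is_allowed(spl, allowed=ALLOWED):
    cmds = spl_commands(spl)
    return bool(cmds) and all(c in allowed for c in cmds)

# Constructed sample queries (not taken from the advisory)
NESTED = "search index=web [ inputlookup users.csv | fields user ] | stats count"
QUOTED = 'search index=web msg="a | delete [x]" | head 5'
```

The check requires an explicit command name at the start of every stage, so a query that relies on the implicit leading `search` is rejected rather than guessed at.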

Product status

0.2 (custom) before 0.2.4
affected

Credits

Saket Pandey, Splunk

References

advisory.splunk.com/advisories/SVD-2025-1210

cve.org (CVE-2025-20381)

nvd.nist.gov (CVE-2025-20381)