¡¾·ì϶¹«¸æ¡¿SplunkÔ¶³Ì´úÂëÖ´Ðзì϶(CVE-2025-20229)

°ä²¼¹¦·ò 2025-03-27

Ò»¡¢·ì϶¸ÅÊö


·ìϼûû³Æ

SplunkÔ¶³Ì´úÂëÖ´Ðзì϶

CVE   ID

CVE-2025-20229

·ì϶ÀàÐÍ

Ô¶³Ì´úÂëÖ´ÐÐ

·¢ÏÖ¹¦·ò

2025-03-27

·ì϶ÆÀ·Ö

8.0

·ì϶µÈ¼¶

¸ßΣ

¹¥»÷ÏòÁ¿

ÍøÂç

ËùÐèȨÏÞ

µÍ

ÀûÓÃÄѶÈ

µÍ

Óû§½»»¥

±ØÒª

PoC/EXP

δ¹«¿ª

ÔÚÒ°ÀûÓÃ

δ·¢ÏÖ


Splunk EnterpriseÊÇÒ»¿î׳´óµÄÊý¾Ý·ÖÎöƽ̨£¬£¬£¬£¬£¬£¬£¬£¬×¨Ò»ÓÚ»úеÊý¾ÝµÄÍøÂç¡¢¼à¿ØºÍ·ÖÎö£¬£¬£¬£¬£¬£¬£¬£¬¿í·ºÀûÓÃÓÚÈÕÖ¾ÖÎÀí¡¢°²È«ÐÅÏ¢ÊÂÎñÖÎÀí£¨SIEM£©ºÍITÔËά£¬£¬£¬£¬£¬£¬£¬£¬¿ÉÄÜÔ®ÊÖ×é֯ʵʱ»ñÈ¡²Ù×÷Êý¾Ý¡¢¼ì²âÒì³£¡¢·ÖÎöÇ÷Ïò£¬£¬£¬£¬£¬£¬£¬£¬²¢Ìṩ¿ÉÊÓ»¯±¨±íºÍ¾¯±¨Ö°ÄÜ¡£¡£¡£¡£¡£Splunk Cloud PlatformÊÇSplunkµÄÔÆ°æ±¾£¬£¬£¬£¬£¬£¬£¬£¬ÌṩÓëEnterpriseÒ»ÑùµÄÊý¾Ý·ÖÎöÖ°ÄÜ£¬£¬£¬£¬£¬£¬£¬£¬µ«ÒÔSaaS´ó¾ÖÔËÐУ¬£¬£¬£¬£¬£¬£¬£¬Óû§ÎÞÐè×ÔÐÐÖÎÀí»ù´¡ÉèÊ©¡£¡£¡£¡£¡£ËüºÏÓÃÓÚ±ØÒª¸ß¶È¿ÉÀ©´óÐԺͽýÝÐÔµÄÆóÒµ£¬£¬£¬£¬£¬£¬£¬£¬Ö§³Ö¿çƽ̨¡¢¿ç»·¾³µÄÊý¾Ý·ÖÎöºÍÖÎÀí£¬£¬£¬£¬£¬£¬£¬£¬Ô®ÊÖ×éÖ¯¸ßЧ´¦ÖôóÊý¾Ý£¬£¬£¬£¬£¬£¬£¬£¬²¢ÊµÏÖÉî¿ÌµÄÖÇÄܶ´²ì¡£¡£¡£¡£¡£


2025Äê3ÔÂ27ÈÕ£¬£¬£¬£¬£¬£¬£¬£¬8827Ì«Ñô¼¯Íż¯ÍÅVSRC¼à²âµ½Splunk°ä²¼µÄ°²È«²¼¸æ£¬£¬£¬£¬£¬£¬£¬£¬²¼¸æÖ¸³öSplunk EnterpriseºÍSplunk Cloud Platform´æÔÚÒ»¸ö¸ßΣ·ì϶¡£¡£¡£¡£¡£ÔÚÌض¨°æ±¾ÖУ¬£¬£¬£¬£¬£¬£¬£¬µÍȨÏÞÓû§£¨Î´³ÖÓÐ"admin"»ò"power"½ÇÉ«£©ÓÉÓÚ²»×ã±ØÒªµÄÊÚȨ²é³­£¬£¬£¬£¬£¬£¬£¬£¬¿ÉÄÜͨ¹ý½«ÎļþÉÏ´«ÖÁ¡°$SPLUNK_HOME/var/run/splunk/apptemp¡±Ä¿Â¼£¬£¬£¬£¬£¬£¬£¬£¬´Ó¶øÖ´ÐÐÔ¶³Ì´úÂ루RCE£©¡£¡£¡£¡£¡£


¶þ¡¢Ó°ÏìÁìÓò


9.3.2408.100 <= Splunk Cloud Platform <= 9.3.2408.103
9.2.2406.100 <= Splunk Cloud Platform <= 9.2.2406.107
Splunk Cloud Platform < 9.2.2403.113
Splunk Cloud Platform < 9.1.2312.207
9.3.0 <= Splunk Enterprise <= 9.3.2
9.2.0 <= Splunk Enterprise 9.2.4
9.1.0 <= Splunk Enterprise 9.1.7


Èý¡¢°²È«´ëÊ©


3.1 Éý¼¶°æ±¾


¹Ù·½ÒÑ°ä²¼½¨¸´°æ±¾£¬£¬£¬£¬£¬£¬£¬£¬½¨ÒéÊÜÓ°ÏìÓû§¾¡¿ì¸üС£¡£¡£¡£¡£


Splunk Enterprise 9.4Éý¼¶µ½9.4.0
Splunk Enterprise 9.3ÊÜÓ°Ïì°æ±¾Éý¼¶µ½9.3.3
Splunk Enterprise 9.2ÊÜÓ°Ïì°æ±¾Éý¼¶µ½9.2.5
Splunk Enterprise 9.1ÊÜÓ°Ïì°æ±¾Éý¼¶µ½9.1.8
Splunk Cloud Platform 9.3.2408ÊÜÓ°Ïì°æ±¾Éý¼¶µ½9.3.2408.104
Splunk Cloud Platform 9.2.2406ÊÜÓ°Ïì°æ±¾Éý¼¶µ½9.2.2406.108
Splunk Cloud Platform 9.2.2403ÊÜÓ°Ïì°æ±¾Éý¼¶µ½9.2.2403.114
Splunk Cloud Platform 9.1.2312ÊÜÓ°Ïì°æ±¾Éý¼¶µ½9.1.2312.208


ÏÂÔØÁ´½Ó£ºhttps://www.splunk.com/en_us/download.html/


3.2 һʱ´ëÊ©


ÔÝÎÞ¡£¡£¡£¡£¡£


3.3 ͨÓý¨Òé


? ¶¨ÆÚ¸üÐÂϵͳ²¹¶¡£¬£¬£¬£¬£¬£¬£¬£¬Ï÷¼õϵͳ·ì϶£¬£¬£¬£¬£¬£¬£¬£¬ÌáÉý·þÎñÆ÷µÄ°²È«ÐÔ¡£¡£¡£¡£¡£
¼ÓǿϵͳºÍÍøÂçµÄ½Ó¼û½ÚÔ죬£¬£¬£¬£¬£¬£¬£¬Åú¸Ä·À»ðǽսÊõ£¬£¬£¬£¬£¬£¬£¬£¬¹Ø¹Ø·Ç±ØÒªµÄÀûÓö˿ڻò·þÎñ£¬£¬£¬£¬£¬£¬£¬£¬Ï÷¼õ½«Î£ÏÕ·þÎñ£¨ÈçSSH¡¢RDPµÈ£©Â¶³öµ½¹«Íø£¬£¬£¬£¬£¬£¬£¬£¬Ï÷¼õ¹¥»÷Ãæ¡£¡£¡£¡£¡£
ʹÓÃÆóÒµ¼¶°²È«²úÆ·£¬£¬£¬£¬£¬£¬£¬£¬ÌáÉýÆóÒµµÄÍøÂ簲ȫ»úÄÜ¡£¡£¡£¡£¡£
¼ÓǿϵͳÓû§ºÍȨÏÞÖÎÀí£¬£¬£¬£¬£¬£¬£¬£¬ÆôÓöà³É·ÖÈÏÖ¤»úÔìºÍ×îÓ×ȨÏÞ×¼Ôò£¬£¬£¬£¬£¬£¬£¬£¬Óû§ºÍÈí¼þȨÏÞӦά³ÖÔÚ×îµÍÏ޶ȡ£¡£¡£¡£¡£
ÆôÓÃÇ¿ÃÜÂëÕ½Êõ²¢ÉèÖÃΪ¶¨ÆÚÅú¸Ä¡£¡£¡£¡£¡£


3.4 ²Î¿¼Á´½Ó


https://advisory.splunk.com/advisories/SVD-2025-0301