← Back

CVE-2025-20323

nvd nist
Published: Jul 7, 2025Modified: Jul 21, 2025

JSON object

Loading...
4.3
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Exploitability: 2.8 / Impact: 1.4
Source: psirt@cisco.com (Secondary)

Description

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a low-privileged user that does not hold the "admin" or "power" Splunk roles could turn off the scheduled search `Bucket Copy Trigger` within the Splunk Archiver application. This is because of missing access controls in the saved searches for this app.

Affected (4)

Products: Splunk: Splunk
Splunk
1 product
Splunk
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Splunk
Splunk
From 9.1.0 to 9.1.10
Splunk
From 9.2.0 to 9.2.7
Splunk
From 9.3.0 to 9.3.5
Splunk
From 9.4.0 to 9.4.3

Related CWEs

CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (1)

Source: psirt@cisco.com
Vendor Advisory

Timeline

No history available yet.