CVE-2025-20386
BaseFortify
Publication date: 2025-12-03
Last updated on: 2025-12-05
Assigner: Cisco Systems, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| splunk | splunk | From 9.2.0 (inc) to 9.2.10 (exc) |
| splunk | splunk | From 9.3.0 (inc) to 9.3.8 (exc) |
| splunk | splunk | From 9.4.0 (inc) to 9.4.6 (exc) |
| splunk | splunk | From 10.0.0 (inc) to 10.0.2 (exc) |
| microsoft | windows | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-732 | The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in Splunk Enterprise for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, where a new installation or upgrade can incorrectly assign permissions to the Splunk Enterprise installation directory. As a result, non-administrator users on the machine can gain access to the directory and all its contents, which should normally be restricted.
How can this vulnerability impact me? :
The vulnerability can allow non-administrator users to access sensitive files and data within the Splunk Enterprise installation directory. This unauthorized access can lead to exposure of confidential information, potential data manipulation, and compromise of system integrity, resulting in high confidentiality, integrity, and availability impacts.