CVE-2025-20387
BaseFortify
Publication date: 2025-12-03
Last updated on: 2025-12-05
Assigner: Cisco Systems, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| splunk | splunk | From 9.2.0 (inc) to 9.2.10 (exc) |
| splunk | splunk | From 9.3.0 (inc) to 9.3.8 (exc) |
| splunk | splunk | From 9.4.0 (inc) to 9.4.6 (exc) |
| splunk | splunk | From 10.0.0 (inc) to 10.0.2 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-732 | The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, where a new installation or an upgrade can incorrectly assign permissions to the installation directory. As a result, non-administrator users on the machine can access the directory and all its contents, which should normally be restricted.
How can this vulnerability impact me? :
The vulnerability can allow non-administrator users to access sensitive files and data within the Splunk Universal Forwarder installation directory. This unauthorized access can lead to information disclosure, potential tampering with the software, and compromise of confidentiality, integrity, and availability of the system.