CVE-2025-20323 – Splunk Enterprise Missing Access Control Vulnerability

CVE ID : CVE-2025-20323

Published : July 7, 2025, 6:15 p.m. | 59 minutes ago

Description : In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a low-privileged user that does not hold the “admin” or “power” Splunk roles could turn off the scheduled search `Bucket Copy Trigger` within the Splunk Archiver application. This is because of missing access controls in the saved searches for this app.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

نوشته های مشابه

CVE-2025-42980 – SAP NetWeaver Enterprise Portal Deserialization Remote Code Execution Vulnerability

CVE-2025-42981 – SAP NetWeaver Application Server ABAP Open Redirect Vulnerability

CVE-2025-42985 – SAP BusinessObjects Content Administrator Workbench Cross-Site Scripting (XSS)

CVE-2025-42986 – SAP BASIS Authentication Bypass