Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-20233

In the Splunk App for Lookup File Editing versions below 4.0.5, a script in the app used the `chmod` and `makedirs` Python functions in a way that resulted in overly broad read and execute permissions. This could lead to improper access control for a low-privileged user.

Published

2025-03-26T22:15:15.390

Last Modified

2025-08-01T18:03:30.680

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 2.5 (LOW)

Weaknesses

Type: Secondary
CWE-732

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	splunk	splunk_app_for_lookup_file_editing	< 4.0.5	Yes

References

https://advisory.splunk.com/advisories/SVD-2025-0310 Vendor Advisory ([email protected])