CVE-2025-20233

Low CVSS 2.5

Overview

In the Splunk App for Lookup File Editing versions below 4.0.5, a script in the app used the `chmod` and `makedirs` Python functions in a way that resulted in overly broad read and execute permissions. This could lead to improper access control for a low-privileged user.

CWE: CWE-732 Published: 2025-03-26T22:15:15.390

Risk analysis

This vulnerability is rated 🟢 LOW.

CVSS: 2.5 (LOW)
Detected tags: misconfiguration (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags