CVE-2025-20233

Incorrect permissions set by the “chmod“ and “makedirs“ Python functions in Splunk App for Lookup File Editing

Description

In the Splunk App for Lookup File Editing versions below 4.0.5, a script in the app used the `chmod` and `makedirs` Python functions in a way that resulted in overly broad read and execute permissions. This could lead to improper access control for a low-privileged user.

INFO

Published Date :

2025-03-26T22:06:39.987Z

Last Modified :

2025-03-27T13:49:03.631Z

Source :

cisco

AFFECTED PRODUCTS

The following products are affected by CVE-2025-20233 vulnerability.

Vendors	Products
Splunk	Splunk App For Lookup File Editing

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-20233.

URL	Resource
https://advisory.splunk.com/advisories/SVD-2025-0310

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact