Incorrect permissions set by the “chmod” and “makedirs” Python functions in Splunk App for Lookup File Editing

Advisory ID: SVD-2025-0310

CVE ID: CVE-2025-20233

Published: 2025-03-26

Last Update: 2025-03-26

CVSSv3.1 Score: 2.5, Low

CWE: CWE-732

Bug ID: VULN-18918

Description

In the Splunk App for Lookup File Editing versions below 4.0.5, a script in the app used the chmod and makedirs Python functions in a way that resulted in overly broad read and execute permissions. This could lead to improper access control for a low-privileged user.
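The class of mistake described above, shown as an added example rather than the app's own code, which the advisory does not publish. It contrasts a loose makedirs/chmod pattern with an owner-only version and adds a small audit that lists entries carrying group or other permission bits. The function names, directory names and the 0o755 mode are assumptions, and POSIX permissions are assumed.

```python
import os
import stat
import tempfile

BROAD = stat.S_IRWXG | stat.S_IRWXO  # any group or other permission bit

def make_dirs_loose(path):
    """Assumed CWE-732 pattern: every level ends up readable by all users."""
    os.makedirs(path, exist_ok=True)  # mode defaults to 0o777; only umask narrows it
    os.chmod(path, 0o755)             # read and execute for group and other

def make_dirs_private(path, base):
    """Create each level below base as 0o700, independent of the umask."""
    current = base
    for part in os.path.relpath(path, base).split(os.sep):
        current = os.path.join(current, part)
        try:
            os.mkdir(current, 0o700)
        except FileExistsError:
            pass
        os.chmod(current, 0o700)      # chmod is not filtered by the umask

def audit(root):
    """Return (relative path, octal mode) for entries with group/other bits set."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)
            if stat.S_ISLNK(st.st_mode):
                continue              # symlink modes are not meaningful
            mode = stat.S_IMODE(st.st_mode)
            if mode & BROAD:
                findings.append((os.path.relpath(full, root), oct(mode)))
    return sorted(findings)

def demo():
    """Build both trees (constructed names) in a temp dir and audit them."""
    with tempfile.TemporaryDirectory() as base:
        old = os.umask(0o022)         # a common default umask, assumed here
        try:
            make_dirs_loose(os.path.join(base, "loose", "backups"))
            make_dirs_private(os.path.join(base, "tight", "backups"), base)
        finally:
            os.umask(old)
        return audit(base)

if __name__ == "__main__":
    print(demo())
```

Since Python 3.7 the mode argument of os.makedirs applies only to the leaf directory, which is why the owner-only version creates and sets each level itself.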

Solution

Upgrade the Splunk App for Lookup File Editing to version 4.0.5 or higher.

Product Status

| Product | Version | Component | Affected Version | Fix Version |
|---|---|---|---|---|
| Splunk App for Lookup File Editing | 4.0 | | below 4.0.5 | 4.0.5 |

Mitigations and Workarounds

None

Detections

None

Severity

Splunk rated this vulnerability a 2.5, Low, with a CVSSv3.1 vector of CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N.

If you do not use the Splunk App for Lookup File Editing, then there should be no impact and the severity would be Informational.

Acknowledgments

Kyle Bambrick, Splunk