Splunk App For Lookup File Editing
Approved changes feed: RSS · Atom
cpe:2.3:a:splunk:splunk_app_for_lookup_file_editing:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Splunk (0f7ef08f-e3f5-59a4-ba5f-26afb7835b46) |
|---|---|
| Product | Splunk App For Lookup File Editing (25b99d5e-8279-5e93-9205-a17187d9be4a) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-20233 |
vulnerable | 2026-06-03 14:59:13.822259 |
Incorrect permissions set by the “chmod“ and “makedirs“ Python functions in Splunk App for Lookup File Editing
LOW (2.5)
In the Splunk App for Lookup File Editing versions below 4.0.5, a script in the app used the `chmod` and `makedirs` Python functions in a way that resulted in overly broad read and execute permissions. This could lead to improper access control for a low-privileged user.
Published: 2025-03-26T22:06:39.987Z
Updated: 2025-03-27T13:49:03.631Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-32715 |
vulnerable | 2026-06-03 14:51:59.808463 |
Self Cross-Site Scripting (XSS) on Splunk App for Lookup File Editing
MEDIUM (4.7)
In the Splunk App for Lookup File Editing versions below 4.0.1, a user can insert potentially malicious JavaScript code into the app, which causes that code to run on the user’s machine. The app itself does not contain the potentially malicious JavaScript code. The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser, and requires additional user interaction to trigger. The attacker cannot exploit the vulnerability at will.
Published: 2023-06-01T16:34:27.816Z
Updated: 2025-02-28T11:03:57.054Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-32714 |
vulnerable | 2026-06-03 14:51:59.807908 |
Path Traversal in Splunk App for Lookup File Editing
HIGH (8.1)
In the Splunk App for Lookup File Editing versions below 4.0.1, a low-privileged user can, with a specially crafted web request, trigger a path traversal exploit that can then be used to read and write to restricted areas of the Splunk installation directory.
Published: 2023-06-01T16:34:29.504Z
Updated: 2025-02-28T11:03:42.218Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.