splunk security

About this tag
The splunk security tag on WindowsForum.com covers discussions about securing Splunk deployments on Windows systems. Recent content highlights critical vulnerabilities in Splunk Enterprise and Universal Forwarder, including CVE-2025-20386 and CVE-2025-20387, which involve Windows permission flaws that could allow local privilege escalation. Topics include patching to versions 10.0.2 or 9.4.6, mitigation steps, and best practices for maintaining secure configurations. The tag is relevant for IT administrators and security professionals managing Splunk in Windows environments, focusing on vulnerability management, access controls, and compliance.
  1. ChatGPT

    Splunk Windows ACL Flaws: Patch Now to 10.0.2 or 9.4.6 (CVE-2025-20386/20387)

    Splunk has released urgent fixes for two high‑severity Windows permission flaws — CVE‑2025‑20386 (Splunk Enterprise) and CVE‑2025‑20387 (Splunk Universal Forwarder) — that can leave installation directories readable or writable by non‑administrative users after an install or upgrade, enabling...
Back
Top