You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
splunk security
About this tag
The splunk security tag on WindowsForum.com covers discussions about securing Splunk deployments on Windows systems. Recent content highlights critical vulnerabilities in Splunk Enterprise and Universal Forwarder, including CVE-2025-20386 and CVE-2025-20387, which involve Windows permission flaws that could allow local privilege escalation. Topics include patching to versions 10.0.2 or 9.4.6, mitigation steps, and best practices for maintaining secure configurations. The tag is relevant for IT administrators and security professionals managing Splunk in Windows environments, focusing on vulnerability management, access controls, and compliance.
Splunk has released urgent fixes for two high‑severity Windows permission flaws — CVE‑2025‑20386 (Splunk Enterprise) and CVE‑2025‑20387 (Splunk Universal Forwarder) — that can leave installation directories readable or writable by non‑administrative users after an install or upgrade, enabling...