CVE-2025-20323
CVE-2025-20323 affects Splunk Enterprise: versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10 are vulnerable. A low-privileged user (not admin/power) can turn off the scheduled search Bucket Copy Trigger in the Splunk Archiver app due to missing access controls in the saved searches. Root cause: insuf...