CVE-2025-20319

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a user who holds a role that contains the high-privilege capability editscripted and listinputs capability , could perform a remote command execution due to improper user input sanitization on the scripted input files.See Define...

Scripted Inputs and Splunk

Splunk is an extremely versatile tool when dealing with data: - Monitor files? Check! - Listen in on an open port? Check! - Monitor the file system? Performance monitor? HTTP Event Collector? - Check, check aaaaand check! But what if the data you want to ingest does not have a method listed...