Browse all articles, tutorials, and guides about sidecar
You did not install a PostgreSQL server, but Splunk Enterprise 10 did, and in affected versions its sidecar endpoint had no authentication. The result is a pre-auth, CVSS 9.8 path to writing files on the host as the Splunk user, now on CISA's actively-exploited list. The bug is patched; the broader lesson is about every helper service your tools quietly bundle.