Splunk 6.6.x Local Privilege Escalation

Splunk version 6.6.x suffers from a local privilege escalation vulnerability. Splunk can be configured to run as a non-root user. However, that user owns the configuration file that specifies the user to run as, so it can trivially gain root privileges.
Source: Splunk 6.6.x Local Privilege Escalation