PT-2026-20472 · Splunk · Splunk Enterprise
Publicado
2026-02-18
·
Atualizado
2026-02-24
·
CVE-2026-20142
CVSS v3.1
6.8
Média
| Vetor | AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Splunk Enterprise versions prior to 10.2.0
Splunk Enterprise versions prior to 10.0.2
Splunk Enterprise versions prior to 9.4.7
Splunk Enterprise versions prior to 9.3.9
Splunk Enterprise versions prior to 9.2.11
Description
A user with access to the
internal index within a Splunk Search Head Cluster (SHC) deployment could view the RSA accessKey value from the Authentication.conf file in plain text. This affects deployments where a user holds a role granting access to this index. The accessKey is a critical component for authentication.Recommendations
Upgrade to Splunk Enterprise version 10.2.0 or later.
Upgrade to Splunk Enterprise version 10.0.2 or later.
Upgrade to Splunk Enterprise version 9.4.7 or later.
Upgrade to Splunk Enterprise version 9.3.9 or later.
Upgrade to Splunk Enterprise version 9.2.11 or later.
Correção
Insertion into Log File
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Splunk Enterprise