PT-2026-60234 · Splunk · Splunk Cloud Platform+1
Published
2026-07-15
·
Updated
2026-07-15
·
CVE-2026-20297
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, 9.4.13, and 9.3.14, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.6, 10.2.2510.18, and 10.1.2507.24, a user who holds a role that contains the
The vulnerability is caused by a path traversal in the app installation workflow, which does not restrict the installation path to the intended app directory.
edit local apps and install apps capabilities could cause a legitimate app installation to write files outside the intended app directory, into $SPLUNK HOME/etc/ and its subdirectories.The vulnerability is caused by a path traversal in the app installation workflow, which does not restrict the installation path to the intended app directory.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Splunk Cloud Platform
Splunk Enterprise