CVE-2026-20165

{"id": "CVE-2026-20165", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2026-03-11T17:16:56.943", "references": [{"url": "https://advisory.splunk.com/advisories/SVD-2026-0304", "tags": ["Vendor Advisory"], "source": "psirt@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@cisco.com", "description": [{"lang": "en", "value": "CWE-532"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-532"}]}], "descriptions": [{"lang": "en", "value": "In Splunk Enterprise versions below 10.2.1, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.7, 10.1.2507.17, 10.0.2503.12, and 9.3.2411.124, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could retrieve sensitive information by inspecting the job's search log due to improper access control in the MongoClient logging channel."}, {"lang": "es", "value": "En las versiones de Splunk Enterprise anteriores a 10.2.1, 10.0.4, 9.4.9 y 9.3.10, y en las versiones de Splunk Cloud Platform anteriores a 10.2.2510.7, 10.1.2507.17, 10.0.2503.12 y 9.3.2411.124, un usuario con privilegios bajos que no posee los roles de Splunk 'admin' o 'power' podr\u00eda recuperar informaci\u00f3n sensible al inspeccionar el registro de b\u00fasqueda del trabajo debido a un control de acceso inadecuado en el canal de registro de MongoClient."}], "lastModified": "2026-03-24T17:55:15.997", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "BFBDF80A-51CC-470E-977C-96ABBF89162D", "versionEndExcluding": "9.3.10", "versionStartIncluding": "9.3.0"}, {"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "ACAC2D08-9ED6-4E58-A999-0EE2025C69FC", "versionEndExcluding": "9.4.9", "versionStartIncluding": "9.4.0"}, {"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "1E7483F3-FE84-42B9-A2E7-6E89B110BA31", "versionEndExcluding": "10.0.4", "versionStartIncluding": "10.0.0"}, {"criteria": "cpe:2.3:a:splunk:splunk:10.2.0:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "122C01E6-CD7E-44B3-BC65-2ACEDFE704E5"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5198A912-AABA-40D1-8DE1-958E6584501B", "versionEndExcluding": "9.3.2411.124", "versionStartIncluding": "9.3.2411"}, {"criteria": "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA248FBD-6AFF-492C-93A8-17EAA7C07FC1", "versionEndExcluding": "10.0.2503.12", "versionStartIncluding": "10.0.2503"}, {"criteria": "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A28B5F1D-ED23-4969-A54D-5DE1FF1EADF9", "versionEndExcluding": "10.1.2507.17", "versionStartIncluding": "10.1.2507"}, {"criteria": "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B333EE88-B86D-4E13-B119-7D0523B76376", "versionEndExcluding": "10.2.2510.7", "versionStartIncluding": "10.2.2510"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@cisco.com"}