VDB
CVE-2026-20165
CVE-2026-20165
PUBLISHED
CVSS 6.300000190734863 MEDIUM
In Splunk Enterprise versions below 10.2.1, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.7, 10.1.2507.17, 10.0.2503.12, and 9.3.2411.124, a low-privileged user that does not hold the "admin" or "power" Splunk roles could retrieve sensitive information by inspecting the job's search log due to improper access control in the MongoClient logging channel.
EPSS 0.05% · 14.6th percentile
Risk Scores
CVSS 3.1
6.300000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS Score
0.05%
14.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| splunk | splunk | 9.3.0, 9.4.0, 10.0.0 |
| Splunk | Splunk Cloud Platform | 9.3.2411, 10.2.2510, 10.1.2507 |
| Splunk | Splunk Enterprise | 9.3, 10.2, 10.0 |
| splunk | splunk_cloud_platform | 10.0.2503, 10.1.2507, 10.2.2510 |
Exploit Intelligence
- https://advisory.splunk.com/advisories/SVD-2026-0304 (circl)
- traffic_cve_webshell.yar (github-yara)
- traffic_cve_webshell.yar (github-yara)
- traffic_cve_webshell.yar (github-yara)
- traffic_cve_webshell.yar (github-yara)
Timeline
- Mar 11, 2026 CVE Published
- Mar 12, 2026 EPSS Score
- Mar 12, 2026 CVE Updated
- Mar 13, 2026 EPSS Score
- Mar 14, 2026 EPSS Score
- Mar 15, 2026 EPSS Score
- Mar 16, 2026 EPSS Score
- Mar 17, 2026 EPSS Score
- Mar 18, 2026 EPSS Score
- Mar 19, 2026 EPSS Score
- Mar 20, 2026 EPSS Score
- Mar 21, 2026 EPSS Score
References
- https://advisory.splunk.com/advisories/SVD-2026-0302 advisory
- https://advisory.splunk.com/advisories/SVD-2026-0311 advisory
- https://advisory.splunk.com/advisories/SVD-2026-0308 advisory
- https://advisory.splunk.com/advisories/SVD-2026-0309 advisory
- https://advisory.splunk.com/advisories/SVD-2026-0305 advisory
- https://advisory.splunk.com/advisories/SVD-2026-0310 advisory
- https://advisory.splunk.com/advisories/SVD-2026-0304 advisory
- https://advisory.splunk.com/advisories/SVD-2026-0301 advisory
- https://advisory.splunk.com/advisories/SVD-2026-0313 advisory
- https://advisory.splunk.com/advisories/SVD-2026-0306 advisory
- https://advisory.splunk.com/advisories/SVD-2026-0303 advisory
- https://advisory.splunk.com/advisories/SVD-2026-0307 advisory
- https://advisory.splunk.com/advisories/SVD-2026-0312 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-20165 advisory