
CVE-2026-20166

CVE-2026-20166 PUBLISHED CVSS 5.4 MEDIUM

In Splunk Enterprise versions below 10.2.1 and 10.0.4, and Splunk Cloud Platform versions below 10.2.2510.5, 10.1.2507.16, and 10.0.2503.12, a low-privileged user that does not hold the "admin" or "power" Splunk roles could retrieve the Observability Cloud API access token through the Discover Splunk Observability Cloud app due to improper access control. This vulnerability does not affect Splunk Enterprise versions below 9.4.9 and 9.3.10 because the Discover Splunk Observability Cloud app does not come with Splunk Enterprise.

EPSS 0.04% · 13.5th percentile

Risk Scores

CVSS v3.1: 5.4 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)
EPSS Score: 0.04% (13.5th percentile)

Affected Products

| Vendor | Product | Versions |
|---|---|---|
| Splunk | Splunk Enterprise | 10.0, 10.2, 10.0 |
| splunk | splunk | 10.2.0, 10.0.0, 10.0.0 |
| splunk | splunk_cloud_platform | 10.2.2510, 10.0.2503, 10.1.2507 |
| Splunk | Splunk Cloud Platform | 10.2.2510, 10.1.2507, 10.0.2503 |

Timeline

  • Mar 11, 2026 CVE Published
  • Mar 12, 2026 EPSS Score
  • Mar 12, 2026 CVE Updated
  • Mar 13, 2026 EPSS Score
  • Mar 14, 2026 EPSS Score
  • Mar 15, 2026 EPSS Score
  • Mar 16, 2026 EPSS Score
  • Mar 17, 2026 EPSS Score
  • Mar 18, 2026 EPSS Score
  • Mar 19, 2026 EPSS Score
  • Mar 20, 2026 EPSS Score
  • Mar 21, 2026 EPSS Score