CVE-2026-20297 in Splunkinfo

Zusammenfassung

von MITRE • 15.07.2026

In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, 9.4.13, and 9.3.14, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.6, 10.2.2510.18, and 10.1.2507.24, a user who holds a role that contains the `edit_local_apps` and `install_apps` capabilities could cause a legitimate app installation to write files outside the intended app directory, into `$SPLUNK_HOME/etc/` and its subdirectories.<br><br>The vulnerability is caused by a path traversal in the app installation workflow, which does not restrict the installation path to the intended app directory.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Zuständig

Cisco

Reservieren

08.10.2025

Veröffentlichung

15.07.2026

Moderieren

akzeptiert

Eintrag

VDB-379335

CPE

bereit

EPSS

0.00000

KEV

nein

Aktivitäten

very low

Quellen

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!