Lucene search
K

35 matches found

RedhatCVE
RedhatCVE
added 2026/02/19 7:21 p.m.4 views

CVE-2026-20144

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the the Splunk internal index coul...

6.8CVSS5.5AI score0.00363EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/19 7:21 p.m.6 views

CVE-2026-20138

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the Splunk internal index could view the integrationKey, secretKey, and appSecretKey secrets, generated by Duo Two-Factor...

6.8CVSS5.5AI score0.0031EPSS
Exploits0References1
OSV
OSV
added 2026/02/18 6:24 p.m.3 views

CVE-2026-20144

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the the Splunk internal index coul...

4.9CVSS5.8AI score0.00363EPSS
Exploits0References1
NVD
NVD
added 2026/02/18 6:24 p.m.6 views

CVE-2026-20144

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the the Splunk internal index coul...

6.8CVSS0.00363EPSS
Exploits0References1
OSV
OSV
added 2026/02/18 6:24 p.m.5 views

CVE-2026-20142

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the Splunk internal index could view the RSA accessKey value from the Authentication.conf file, in plain text...

4.9CVSS5.8AI score0.0031EPSS
Exploits0References1
NVD
NVD
added 2026/02/18 6:24 p.m.6 views

CVE-2026-20142

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the Splunk internal index could view the RSA accessKey value from the Authentication.conf file, in plain text...

6.8CVSS0.0031EPSS
Exploits0References1
OSV
OSV
added 2026/02/18 6:24 p.m.5 views

CVE-2026-20138

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the Splunk internal index could view the integrationKey, secretKey, and appSecretKey secrets, generated by Duo Two-Factor...

4.9CVSS5.8AI score0.0031EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/18 4:45 p.m.5 views

CVE-2026-20142 Sensitive Information Disclosure in "_internal" index in Splunk Enterprise

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the Splunk internal index could view the RSA accessKey value from the Authentication.conf file, in plain text...

6.8CVSS5.5AI score0.0031EPSS
Exploits0References1
CVE
CVE
added 2026/02/18 4:45 p.m.18 views

CVE-2026-20142

Splunk Enterprise is affected in versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11. A user with access to the Splunk _internal index in a Search Head Cluster could read the RSA accessKey from Authentication.conf in plaintext, exposing highly sensitive credentials and impacting confidentiali...

6.8CVSS5.5AI score0.0031EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/18 4:45 p.m.5 views

CVE-2026-20142

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the Splunk internal index could view the RSA accessKey value from the Authentication.conf file, in plain text...

6.8CVSS5.5AI score0.0031EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/18 4:45 p.m.4 views

CVE-2026-20138 Sensitive Information Disclosure in "_internal" index in Splunk Enterprise

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the Splunk internal index could view the integrationKey, secretKey, and appSecretKey secrets, generated by Duo Two-Factor...

6.8CVSS5.5AI score0.0031EPSS
Exploits0References1
CVE
CVE
added 2026/02/18 4:45 p.m.17 views

CVE-2026-20138

CVE-2026-20138 affects Splunk Enterprise: in SHC deployments, users with access to the _internal index could view integrationKey, secretKey, and appSecretKey generated by Duo for Splunk in plaintext. Affected versions are below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11. Impact: potential disclosur...

6.8CVSS5.5AI score0.0031EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/18 4:45 p.m.3 views

CVE-2026-20144 Sensitive Information Disclosure in ''_internal'' index in Splunk Enterprise

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the the Splunk internal index coul...

6.8CVSS5.5AI score0.00363EPSS
Exploits0References1
CVE
CVE
added 2026/02/18 4:45 p.m.16 views

CVE-2026-20144

CVE-2026-20144 affects Splunk Enterprise (and Cloud Platform variants) where a user with access to the _internal index on a Search Head Cluster could view SAML configurations (AQRs or Authentication extensions) in plain text in the conf.log. Affected are Splunk Enterprise versions below 10.2.0, 1...

6.8CVSS5.5AI score0.00363EPSS
Exploits0References1Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/02/18 4:45 p.m.6 views

CVE-2026-20144

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the the Splunk internal index coul...

6.8CVSS5.5AI score0.00363EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.7 views

PT-2026-20469

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.2.0 Splunk Enterprise versions prior to 10.0.2 Splunk Enterprise versions prior to 9.4.7 Splunk Enterprise versions prior to 9.3.9 Splunk Enterprise versions prior to 9.2.11 Description A user with access...

6.8CVSS5.3AI score0.0031EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/18 12:0 a.m.9 views

Splunk Enterprise 9.2.0 < 9.2.11, 9.3.0 < 9.3.9, 9.4.0 < 9.4.7, 10.0.0 < 10.0.2 (SVD-2026-0207)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0207 advisory. - In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a user of a Splunk Search Head Cluster SHC...

6.8CVSS5.8AI score0.0031EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.5 views

PT-2026-20472

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.2.0 Splunk Enterprise versions prior to 10.0.2 Splunk Enterprise versions prior to 9.4.7 Splunk Enterprise versions prior to 9.3.9 Splunk Enterprise versions prior to 9.2.11 Description A user with access...

6.8CVSS5.3AI score0.0031EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.8 views

PT-2026-20473

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11 Splunk Cloud Platform versions prior to 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120 Description A user with access to the Splunk internal index within a...

6.8CVSS5.2AI score0.00363EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-20300

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.0031EPSS
Exploits0References1
Rows per page
Query Builder