6 matches found
CVE-2025-20381
In Splunk MCP Server app versions below 0.2.4, a user with access to the "runsplunkquery" Model Context Protocol MCP tool could bypass the SPL command allowlist controls in MCP by embedding SPL commands as sub-searches, leading to unauthorized actions beyond the intended MCP restrictions...
CVE-2025-20381
In Splunk MCP Server app versions below 0.2.4, a user with access to the "runsplunkquery" Model Context Protocol MCP tool could bypass the SPL command allowlist controls in MCP by embedding SPL commands as sub-searches, leading to unauthorized actions beyond the intended MCP restrictions...
CVE-2025-20381 SPL commands allowlist controls bypass in Splunk MCP Server app through "run_splunk_query" MCP tool
In Splunk MCP Server app versions below 0.2.4, a user with access to the "runsplunkquery" Model Context Protocol MCP tool could bypass the SPL command allowlist controls in MCP by embedding SPL commands as sub-searches, leading to unauthorized actions beyond the intended MCP restrictions...
CVE-2025-20381 SPL commands allowlist controls bypass in Splunk MCP Server app through "run_splunk_query" MCP tool
In Splunk MCP Server app versions below 0.2.4, a user with access to the "runsplunkquery" Model Context Protocol MCP tool could bypass the SPL command allowlist controls in MCP by embedding SPL commands as sub-searches, leading to unauthorized actions beyond the intended MCP restrictions...
CVE-2025-20381
In Splunk MCP Server App
PT-2025-48953
In Splunk MCP Server app versions below 0.2.4, a user with access to the "run splunk query" Model Context Protocol MCP tool could bypass the SPL command allowlist controls in MCP by embedding SPL commands as sub-searches, leading to unauthorized actions beyond the intended MCP restrictions...