CVE-2026-20144

{"id": "CVE-2026-20144", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.9}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.2}]}, "published": "2026-02-18T18:24:29.220", "references": [{"url": "https://advisory.splunk.com/advisories/SVD-2026-0209", "tags": ["Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-532"}]}], "descriptions": [{"lang": "en", "value": "In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120, a user of a Splunk Search Head Cluster (SHC) deployment who holds a role with access to the the Splunk _internal index could view the Security Assertion Markup Language (SAML) configurations for Attribute query requests (AQRs) or Authentication extensions in plain text within the conf.log file, depending on which feature is configured."}, {"lang": "es", "value": "En las versiones de Splunk Enterprise anteriores a 10.2.0, 10.0.2, 9.4.7, 9.3.8 y 9.2.11, y en las versiones de Splunk Cloud Platform anteriores a 10.2.2510.0, 10.1.2507.11, 10.0.2503.9 y 9.3.2411.120, un usuario de una implementaci\u00f3n de Splunk Search Head Cluster (SHC) que posee un rol con acceso al \u00edndice _internal de Splunk podr\u00eda ver las configuraciones de Security Assertion Markup Language (SAML) para solicitudes de consulta de atributos (AQRs) o extensiones de autenticaci\u00f3n en texto sin formato dentro del archivo conf.log, dependiendo de qu\u00e9 caracter\u00edstica est\u00e9 configurada."}], "lastModified": "2026-02-23T14:43:22.443", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "80092DB5-6859-4E0A-BBD6-171051C451A1", "versionEndExcluding": "9.2.11", "versionStartIncluding": "9.2.0"}, {"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "05D6973D-D965-42D3-8320-AF4A4B424E6C", "versionEndExcluding": "9.3.8", "versionStartIncluding": "9.3.0"}, {"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "1F057ECE-42B5-4C1D-A201-EFF275EFAAD3", "versionEndExcluding": "9.4.7", "versionStartIncluding": "9.4.0"}, {"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "4413D4BE-F225-4C28-B401-EB46D8F34160", "versionEndExcluding": "10.0.2", "versionStartIncluding": "10.0.0"}, {"criteria": "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6CA3000-9C26-45B9-A2A2-C22F3F4246BC", "versionEndExcluding": "9.3.2411.120", "versionStartIncluding": "9.3.2411"}, {"criteria": "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62714243-8A5F-4908-BD39-7B1026B8E7D7", "versionEndExcluding": "10.0.2503.9", "versionStartIncluding": "10.0.2503"}, {"criteria": "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "580C6FE9-14D3-4813-ABF1-3D829CCBAF72", "versionEndExcluding": "10.1.2507.11", "versionStartIncluding": "10.1.2507"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}