CVE-2026-20203— Improper Access Control in Data Model Acceleration in Splunk Enterprise
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-20203
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Access Control in Data Model Acceleration in Splunk Enterprise
Source: NVD (National Vulnerability Database)
Vulnerability Description
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127, a low-privileged user that does not hold the `admin` or `power` Splunk roles, has write permission on the app, and does not hold the high-privilege capability `accelerate_datamodel`, could turn on or off Data Model Acceleration due to improper access control.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
访问控制不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Splunk Cloud Platform和Splunk Enterprise 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Splunk Cloud Platform和Splunk Enterprise都是美国Splunk公司的产品。Splunk Cloud Platform是一个强大的数据收集、处理和分析服务。Splunk Enterprise是一套数据收集分析软件。 Splunk Cloud Platform和Splunk Enterprise存在安全漏洞,该漏洞源于访问控制不当,可能导致低权限用户开启或关闭数据模型加速。以下版本受到影响:Splunk Enterprise 10.2.2之前版本、10.0.5之前版本、9.
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Splunk | Splunk Enterprise | 10.2 ~ 10.2.2 | - | |
| Splunk | Splunk Cloud Platform | 10.4.2603 ~ Not Affected | - |
II. Public POCs for CVE-2026-20203
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-20203
请登录查看更多情报信息。
Same Patch Batch · Splunk · 2026-04-15 · 4 CVEs total
| CVE-2026-20205 | 7.2 HIGH | Sensitive Information Disclosure in ''_internal'' index in Splunk MCP Server app |
| CVE-2026-20204 | 7.1 HIGH | Improper Handling and Insufficient Isolation of Specific Temporary Files in Splunk Enterpr |
| CVE-2026-20202 | 6.6 MEDIUM | Improper Input Validation during User Account Creation in Splunk Enterprise |
IV. Related Vulnerabilities
Same product: Splunk Enterprise
- CVE-2026-20204
Improper Handling and Insufficient Isolation of Specific Tem - CVE-2026-20202
Improper Input Validation during User Account Creation in Sp - CVE-2026-20163
Remote Command Execution (RCE) through the '/splunkd/__uploa - CVE-2026-20162
Stored Cross-Site Scripting (XSS) through Path Traversal in - CVE-2026-20166
Sensitive Information Disclosure in Discover Splunk Observab
Same vendor: Splunk
- CVE-2026-20205
Sensitive Information Disclosure in ''_internal'' index in S - CVE-2026-20204
Improper Handling and Insufficient Isolation of Specific Tem - CVE-2026-20202
Improper Input Validation during User Account Creation in Sp - CVE-2026-20163
Remote Command Execution (RCE) through the '/splunkd/__uploa - CVE-2026-20162
Stored Cross-Site Scripting (XSS) through Path Traversal in
Same weakness: CWE-284
- CVE-2026-8233
Dotouch XproUPF access control - CVE-2026-42569
phpvms: /importer authorization bypass causing full database - CVE-2026-42205
Avo: Broken Access Control: Unauthorized Execution of Arbitr - CVE-2026-41487
Langfuse: Improper role-based-access control in Langfuse LLM - CVE-2026-42278
UltraDAG: Smart Account Spending Policy Bypass via Pockets
V. Comments for CVE-2026-20203
No comments yet