—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Multiple vulnerabilities in Splunk products

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: HIGH

Software Affected

Splunk Enterprise versions prior to 10.2.2, 10.0.5.

Splunk Cloud Platform versions prior to 10.3.2512.8, 10.2.2510.11, 10.1.2507.21, 10.0.2503.13.

Overview

Multiple vulnerabilities have been reported in Splunk products, which could allow a remote attacker to trigger denial of service conditions and obtain sensitive information on the targeted system.

Target Audience:

All organizations and individuals using Splunk.

Impact Assessment:

Potential for service unavailability, unauthorized access to sensitive information.

Risk Assessment:

High risk of information disclosure, service disruption and compromise of confidentiality and availability.

Description

Splunk is a platform used for searching, monitoring, and analyzing machine-generated data in real time. It collects, indexes, and correlates large volumes of data generated by applications, servers, networks, and other infrastructure components.

These vulnerabilities exist in Splunk products due to improper input validation and insufficient sanitization mechanisms in ‘TcpChannel’ component and ‘coldToFrozen.sh’ scripts. A low-privileged attacker could exploit these vulnerabilities to disclose sensitive information from internal logs or trigger denial of service conditions by manipulating vulnerable scripts.

Successful exploitation of these vulnerabilities could allow a remote attacker trigger denial of service conditions and obtain sensitive information on the targeted system.

Solution

Apply appropriate fixes issued by the vendor.

https://advisory.splunk.com/advisories/SVD-2026-0503

https://advisory.splunk.com/advisories/SVD-2026-0504

Vendor Information

Splunk

https://www.splunk.com

References

Splunk

https://advisory.splunk.com/advisories/SVD-2026-0503

https://advisory.splunk.com/advisories/SVD-2026-0504

CVE Name

CVE-2026-20239

CVE-2026-20240

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmogO84ACgkQ3jCgcSdc

ys/YbQ//SvIGM86POdQWz5FkFR/nNueU6DYsl6gcSQpcSnGvbXYKJMJgdV+u731F

UMkJIrTLLBCy9LYzyWEUReWyiGls028M/3NhCzrSWr/7lk0kg8pLs92/eS+yiEC/

+1NkY+C1cW14xl3/2q3zCy7MpE88GZfEMSQKVVSwFB2XluxZSKNHpLDhLVpoCsF6

MuQZxsPsVOtv0VuFvQDBtFmLpMVHsoEi4jLQNfcWcHc4+HBwp2QVNNQ0hn9mSFUL

wLSkmnRKVVlmL5THengvcrP5KlWag2sJZ5e8nV14UCEn8mQMunjl83kycsD/Du3R

JEoB9REfnTpmmH+PZpEaRL0uugQZCmr1T13Fy+tI+ILyXgTdQWDNWHmPzOiDb1h/

Be29MujhzG7I+SJaCQWrO9aYpDemAOq7aSGYRDQQmz8pWPH0UFAA09cqwX+yvWee

mqvURgJyGRcV5sQAInVh/syslqtdQPKQvQ6ZL5vT/5LPhcSa0tC3PDu8Elq/YANv

jYjwA7d3iH/dvx2SB6VruArxinOv4ui5uqu2pThW55k8AZ2PE49HHTDOvMwrURjw

GcYTxg918eid2s0k243BLTgTkD8O1Sr/kwqEOkVsbEHqodOPyaD1MIg43UpyC3he

68+zKgb2u5srHXR3oiOkZevJQ5QklpxDPrrOcxsUZqGHoNVl+YE=

=Q360

—–END PGP SIGNATURE—–