CVE-2026-20202

Published Apr 15, 2026

Last updated 6 days ago

CVSS medium 6.6

Overview

Description: In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.20, 10.0.2503.13, and 9.3.2411.127, a user who holds a role that contains the high-privilege capability `edit_user`could create a specially crafted username that includes a null byte or a non-UTF-8 percent-encoded byte due to improper input validation.<br><br>This could lead to inconsistent conversion of usernames into a proper format for storage and account management inconsistencies, such as being unable to edit or delete affected users.
Source: psirt@cisco.com
NVD status: Analyzed
Products: splunk, splunk_cloud_platform

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.6
Impact score: 5.9
Exploitability score: 0.7
Vector string: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity: MEDIUM

Weaknesses

psirt@cisco.com: CWE-176

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*",
            "matchCriteriaId": "9A537203-F31B-44A1-BB9E-C62F4539FA0B",
            "versionEndExcluding": "9.3.11",
            "versionStartIncluding": "9.3.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*",
            "matchCriteriaId": "0205D102-93C7-42FA-A33E-E517BB7760C4",
            "versionEndExcluding": "9.4.10",
            "versionStartIncluding": "9.4.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*",
            "matchCriteriaId": "D5A01879-50A5-4266-A08C-F55584F442ED",
            "versionEndExcluding": "10.0.5",
            "versionStartIncluding": "10.0.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*",
            "matchCriteriaId": "9F3A147D-2A67-469A-A223-248DEFB413E0",
            "versionEndExcluding": "10.2.2",
            "versionStartIncluding": "10.2.0",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "6FCB2A3C-8069-4AAC-8746-4B9679DE8116",
            "versionEndExcluding": "9.3.2411.127",
            "versionStartIncluding": "9.3.2411",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "D5C098C2-9ED5-41B4-BE57-984B71027144",
            "versionEndExcluding": "10.0.2503.13",
            "versionStartIncluding": "10.0.2503",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "9CD48754-5DBD-499A-9004-BD8D948E548A",
            "versionEndExcluding": "10.1.2507.20",
            "versionStartIncluding": "10.1.2507",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "601A4BEC-6F0D-4A52-8B68-18902574E84C",
            "versionEndExcluding": "10.2.2510.10",
            "versionStartIncluding": "10.2.2510",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:splunk:splunk_cloud_platform:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "29253EBC-0E89-46ED-B504-E81F5D4E7E3F",
            "versionEndExcluding": "10.3.2512.6",
            "versionStartIncluding": "10.3.2512",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References