CVE-2026-20259

Published: Jun 10, 2026Modified: Jun 12, 2026

5.5

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N

Exploitability: 1.2 / Impact: 4.2

Source: psirt@cisco.com

Description

In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.0, 10.3.2512.12, 10.2.2510.15, 10.1.2507.23, 10.0.2503.14, and 9.3.2411.131, a user who holds a Splunk role that contains the high-privilege capability `edit_saved_search_owner` could reassign saved search ownership to users outside their authorized scope. The ownership reassignment endpoint lacks access control.

Affected (7)

Products: Splunk: Splunk, Splunk Cloud Platform

Splunk

2 products

Splunk

Splunk Cloud Platform

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Splunk Splunk	From 10.0.0 to 10.0.7
Splunk Splunk	From 10.2.0 to 10.2.4

Configuration B

5 vulnerable

Vulnerable Software	Affected Versions
Splunk Splunk Cloud Platform	From 10.0.2503 to 10.0.2503.14
Splunk Splunk Cloud Platform	From 10.1.2507 to 10.1.2507.23
Splunk Splunk Cloud Platform	From 10.2.2510 to 10.2.2510.15
Splunk Splunk Cloud Platform	From 10.3.2512 to 10.3.2512.12
Splunk Splunk Cloud Platform	From 9.3.2411 to 9.3.2411.131

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (1)

https://advisory.splunk.com/advisories/SVD-2026-0609

Source: psirt@cisco.com

Vendor Advisory

Timeline

No history available yet.