Skip to main content

Splunk AI Toolkit CVE-2026-20238

| EUVDEUVD-2026-31140 MEDIUM
Incorrect Authorization (CWE-863)
2026-05-20 cisco GHSA-7rq8-f887-2r5g
6.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
May 20, 2026 - 18:30 vuln.today
Patch available
May 20, 2026 - 18:02 EUVD

DescriptionCVE.org

In Splunk AI Toolkit versions below 5.7.3, a low-privileged user that does not hold the 'admin' or 'power' roles could access confidential data that was restricted through srchFilter configurations on custom roles.<br><br>The app contains an authorize.conf configuration file with a srchFilter entry that modifies the built-in ‘user’ role. Because the Splunk platform combines inherited search filters with the OR SPL operator, the injected filter overrides more restrictive filters on child roles.

AnalysisAI

Unauthorized data disclosure in Splunk AI Toolkit versions below 5.7.3 allows authenticated low-privileged users to bypass srchFilter-based access controls and read confidential data scoped to more restricted custom roles. The flaw stems from the Splunk platform's behavior of combining inherited search filters via the OR SPL operator, causing the permissive filter injected by the AI Toolkit's authorize.conf to override stricter filters on child roles. No active exploitation confirmed (not in CISA KEV) and no public exploit identified at time of analysis, but the CVSS confidentiality impact is rated High, making this a meaningful data exposure risk in multi-tenant or compliance-sensitive Splunk deployments.

Technical ContextAI

The vulnerability is rooted in CWE-863 (Incorrect Authorization), specifically an authorization logic flaw in how the Splunk AI Toolkit modifies the built-in 'user' role via its bundled authorize.conf configuration file. The app introduces a srchFilter entry on the 'user' role, which is a parent to custom child roles. The Splunk platform design merges inherited srchFilter values from parent and child roles using the OR SPL operator rather than AND, meaning a permissive filter anywhere in the inheritance chain widens, rather than narrows, the effective search scope. This design creates an exploitable condition where any custom role inheriting from 'user' - even one with a highly restrictive srchFilter - is effectively neutralized by the AI Toolkit's broader filter. The affected product is confirmed via CPE cpe:2.3:a:splunk:splunk_ai_toolkit:*:*:*:*:*:*:*:* across versions in the 5.7.x branch prior to 5.7.3.

RemediationAI

Upgrade Splunk AI Toolkit to version 5.7.3 or later, which resolves the srchFilter inheritance flaw in authorize.conf. The vendor patch is confirmed available per the Splunk advisory SVD-2026-0502 at https://advisory.splunk.com/advisories/SVD-2026-0502. As a compensating control prior to patching, administrators can audit and manually remove or override the AI Toolkit's srchFilter entry on the built-in 'user' role in authorize.conf - however, this change may break expected AI Toolkit search behavior and should be tested in a non-production environment first. Alternatively, organizations can restrict Splunk AI Toolkit access to users holding the 'admin' or 'power' roles only, which are explicitly excluded from the vulnerable code path, though this limits the product's utility for general users. No workaround fully replaces the patch given the inherited OR-logic behavior is a platform-level constraint.

More in Splunk

View all
CVE-2026-20253 CRITICAL POC
9.8 Jun 10

Unauthenticated arbitrary file write in Splunk Enterprise (below 10.2.4 and 10.0.7) and Splunk Cloud Platform (below 10.

CVE-2024-36985 HIGH POC
8.8 Jul 01

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or powe

CVE-2023-46214 HIGH POC
8.8 Nov 16

In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet la

CVE-2023-32707 HIGH POC
8.8 Jun 01

In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100,

CVE-2022-43571 HIGH POC
8.8 Nov 03

In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can execute arbitrary code through t

CVE-2022-43567 HIGH POC
8.8 Nov 04

In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run arbitrary operating system c

CVE-2023-22934 HIGH POC
8.0 Feb 14

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘pivot’ search processing language (SPL) command lets

CVE-2022-43566 HIGH POC
8.0 Nov 04

In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, an authenticated user can run risky commands using a more

CVE-2024-36991 HIGH POC
7.5 Jul 01

In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an attacker could perform a path traversal on t

CVE-2024-36990 MEDIUM POC
6.5 Jul 01

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.2.2403.100, an a

CVE-2017-17067 CRITICAL
9.8 Nov 30

Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6.4.x before 6.4.9, and

CVE-2013-6771 CRITICAL
9.3 Aug 07

Directory traversal vulnerability in the collect script in Splunk before 5.0.5 allows remote attackers to execute arbitr

Share

CVE-2026-20238 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy