{"api_version":"1","generated_at":"2026-06-14T20:03:34+00:00","cve":"CVE-2026-20255","urls":{"html":"https://cve.report/CVE-2026-20255","api":"https://cve.report/api/cve/CVE-2026-20255.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-20255","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-20255"},"summary":{"title":"Improper Input Validation through Classic Dashboards in Splunk Enterprise","description":"In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could craft a malicious classic dashboard that exfiltrates sensitive data to an external server.  \n\nThe vulnerability exists because URL validation on the external content dialog is incomplete, which can allow for requests to untrusted domains when a user interacts with a crafted dashboard.","state":"PUBLISHED","assigner":"cisco","published_at":"2026-06-10 18:16:41","updated_at":"2026-06-10 18:16:41"},"problem_types":["CWE-20","CWE-20 The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program."],"metrics":[{"version":"3.1","source":"psirt@cisco.com","type":"Primary","score":"5.7","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N","baseScore":5.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"5.7","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N","data":{"baseScore":5.7,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N","version":"3.1"}}],"references":[{"url":"https://advisory.splunk.com/advisories/SVD-2026-0605","name":"https://advisory.splunk.com/advisories/SVD-2026-0605","refsource":"psirt@cisco.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-20255","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20255","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Splunk","product":"Splunk Enterprise","version":"affected 10.2 10.2.4 custom","platforms":[]},{"source":"CNA","vendor":"Splunk","product":"Splunk Enterprise","version":"affected 10.0 10.0.7 custom","platforms":[]},{"source":"CNA","vendor":"Splunk","product":"Splunk Enterprise","version":"affected 9.4 9.4.12 custom","platforms":[]},{"source":"CNA","vendor":"Splunk","product":"Splunk Enterprise","version":"affected 9.3 9.3.13 custom","platforms":[]},{"source":"CNA","vendor":"Splunk","product":"Splunk Cloud Platform","version":"affected 10.3.2512 10.3.2512.13 custom","platforms":[]},{"source":"CNA","vendor":"Splunk","product":"Splunk Cloud Platform","version":"affected 10.2.2510 10.2.2510.15 custom","platforms":[]},{"source":"CNA","vendor":"Splunk","product":"Splunk Cloud Platform","version":"affected 10.1.2507 10.1.2507.23 custom","platforms":[]},{"source":"CNA","vendor":"Splunk","product":"Splunk Cloud Platform","version":"affected 9.3.2411 9.3.2411.132 custom","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"CNA","value":"Tony Tong (tongster)","lang":"en"}],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"20255","cve":"CVE-2026-20255","epss":"0.000450000","percentile":"0.144710000","score_date":"2026-06-13","updated_at":"2026-06-14 00:08:32"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"product":"Splunk Enterprise","vendor":"Splunk","versions":[{"lessThan":"10.2.4","status":"affected","version":"10.2","versionType":"custom"},{"lessThan":"10.0.7","status":"affected","version":"10.0","versionType":"custom"},{"lessThan":"9.4.12","status":"affected","version":"9.4","versionType":"custom"},{"lessThan":"9.3.13","status":"affected","version":"9.3","versionType":"custom"}]},{"product":"Splunk Cloud Platform","vendor":"Splunk","versions":[{"lessThan":"10.3.2512.13","status":"affected","version":"10.3.2512","versionType":"custom"},{"lessThan":"10.2.2510.15","status":"affected","version":"10.2.2510","versionType":"custom"},{"lessThan":"10.1.2507.23","status":"affected","version":"10.1.2507","versionType":"custom"},{"lessThan":"9.3.2411.132","status":"affected","version":"9.3.2411","versionType":"custom"}]}],"credits":[{"lang":"en","value":"Tony Tong (tongster)"}],"datePublic":"2026-06-10T00:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could craft a malicious classic dashboard that exfiltrates sensitive data to an external server.  \n\nThe vulnerability exists because URL validation on the external content dialog is incomplete, which can allow for requests to untrusted domains when a user interacts with a crafted dashboard."}],"value":"In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could craft a malicious classic dashboard that exfiltrates sensitive data to an external server.  \n\nThe vulnerability exists because URL validation on the external content dialog is incomplete, which can allow for requests to untrusted domains when a user interacts with a crafted dashboard."}],"metrics":[{"cvssV3_1":{"baseScore":5.7,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-20","description":"The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.","lang":"en","type":"cwe"}]}],"providerMetadata":{"dateUpdated":"2026-06-10T17:16:00.962Z","orgId":"d1c1063e-7a18-46af-9102-31f8928bc633","shortName":"cisco"},"references":[{"url":"https://advisory.splunk.com/advisories/SVD-2026-0605"}],"source":{"advisory":"SVD-2026-0605"},"title":"Improper Input Validation through Classic Dashboards in Splunk Enterprise"}},"cveMetadata":{"assignerOrgId":"d1c1063e-7a18-46af-9102-31f8928bc633","assignerShortName":"cisco","cveId":"CVE-2026-20255","datePublished":"2026-06-10T17:16:00.962Z","dateReserved":"2025-10-08T11:59:15.401Z","dateUpdated":"2026-06-10T17:16:00.962Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-06-10 18:16:41","lastModifiedDate":"2026-06-10 18:16:41","problem_types":["CWE-20","CWE-20 The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program."],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N","baseScore":5.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":3.6}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"20255","Ordinal":"1","Title":"Improper Input Validation through Classic Dashboards in Splunk E","CVE":"CVE-2026-20255","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"20255","Ordinal":"1","NoteData":"In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could craft a malicious classic dashboard that exfiltrates sensitive data to an external server.  \n\nThe vulnerability exists because URL validation on the external content dialog is incomplete, which can allow for requests to untrusted domains when a user interacts with a crafted dashboard.","Type":"Description","Title":"Improper Input Validation through Classic Dashboards in Splunk E"}]}}}