CVE-2026-20298 | Splunk Enterprise/Cloud Platform prior 10.5.2605.0 REST endpoint passwords encr_password improper authentication
A vulnerability was found in Splunk Enterprise and Cloud Platform. It has been declared as problematic. Affected by this issue is some unknown functionality of the file /servicesNS/-/-/storage/passwords of the component REST endpoint. Executing a manipulation of the argument encr_password can lead to improper authentication.
This vulnerability is handled as CVE-2026-20298. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More