{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-20205", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2025-10-08T11:59:15.397Z", "datePublished": "2026-04-15T15:17:58.202Z", "dateUpdated": "2026-04-15T17:39:19.517Z"}, "containers": {"cna": {"affected": [{"product": "Splunk MCP Server", "vendor": "Splunk", "versions": [{"version": "1.0", "status": "affected", "versionType": "custom", "lessThan": "1.0.3"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "In Splunk MCP Server app versions below 1.0.3 , a user who holds a role with access to the Splunk `_internal` index or possesses the high-privilege capability `mcp_tool_admin` could view users session and authorization tokens in clear text.<br><br>The vulnerability would require either local access to the log files or administrative access to internal indexes, which by default only the admin role receives. <br><br>Review roles and capabilities on your instance and restrict internal index access to administrator-level roles. See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities) and [Connecting to MCP Server and Admin settings](https://help.splunk.com/en/splunk-enterprise/mcp-server-for-splunk-platform/connecting-to-mcp-server-and-admin-settings) in the Splunk documentation for more information."}], "value": "In Splunk MCP Server app versions below 1.0.3 , a user who holds a role with access to the Splunk `_internal` index or possesses the high-privilege capability `mcp_tool_admin` could view users session and authorization tokens in clear text.<br><br>The vulnerability would require either local access to the log files or administrative access to internal indexes, which by default only the admin role receives. <br><br>Review roles and capabilities on your instance and restrict internal index access to administrator-level roles. See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities) and [Connecting to MCP Server and Admin settings](https://help.splunk.com/en/splunk-enterprise/mcp-server-for-splunk-platform/connecting-to-mcp-server-and-admin-settings) in the Splunk documentation for more information."}], "references": [{"url": "https://advisory.splunk.com/advisories/SVD-2026-0407"}], "title": "Sensitive Information Disclosure in ''_internal'' index in Splunk MCP Server app", "datePublic": "2026-04-15T00:00:00.000Z", "metrics": [{"cvssV3_1": {"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "baseScore": 7.2, "baseSeverity": "HIGH"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "description": "Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.", "cweId": "CWE-532"}]}], "source": {"advisory": "SVD-2026-0407"}, "credits": [{"lang": "en", "value": "Charlie Huggard, Splunk"}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2026-04-15T15:17:58.202Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-15T17:39:12.967528Z", "id": "CVE-2026-20205", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T17:39:19.517Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-20205", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-15T17:39:12.967528Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T17:39:15.608Z"}}], "cna": {"title": "Sensitive Information Disclosure in ''_internal'' index in Splunk MCP Server app", "source": {"advisory": "SVD-2026-0407"}, "credits": [{"lang": "en", "value": "Charlie Huggard, Splunk"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 7.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Splunk", "product": "Splunk MCP Server", "versions": [{"status": "affected", "version": "1.0", "lessThan": "1.0.3", "versionType": "custom"}]}], "datePublic": "2026-04-15T00:00:00.000Z", "references": [{"url": "https://advisory.splunk.com/advisories/SVD-2026-0407"}], "descriptions": [{"lang": "en", "value": "In Splunk MCP Server app versions below 1.0.3 , a user who holds a role with access to the Splunk `_internal` index or possesses the high-privilege capability `mcp_tool_admin` could view users session and authorization tokens in clear text.<br><br>The vulnerability would require either local access to the log files or administrative access to internal indexes, which by default only the admin role receives. <br><br>Review roles and capabilities on your instance and restrict internal index access to administrator-level roles. See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities) and [Connecting to MCP Server and Admin settings](https://help.splunk.com/en/splunk-enterprise/mcp-server-for-splunk-platform/connecting-to-mcp-server-and-admin-settings) in the Splunk documentation for more information.", "supportingMedia": [{"type": "text/html", "value": "In Splunk MCP Server app versions below 1.0.3 , a user who holds a role with access to the Splunk `_internal` index or possesses the high-privilege capability `mcp_tool_admin` could view users session and authorization tokens in clear text.<br><br>The vulnerability would require either local access to the log files or administrative access to internal indexes, which by default only the admin role receives. <br><br>Review roles and capabilities on your instance and restrict internal index access to administrator-level roles. See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities) and [Connecting to MCP Server and Admin settings](https://help.splunk.com/en/splunk-enterprise/mcp-server-for-splunk-platform/connecting-to-mcp-server-and-admin-settings) in the Splunk documentation for more information.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-532", "description": "Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information."}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2026-04-15T15:17:58.202Z"}}}, "cveMetadata": {"cveId": "CVE-2026-20205", "state": "PUBLISHED", "dateUpdated": "2026-04-15T17:39:19.517Z", "dateReserved": "2025-10-08T11:59:15.397Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2026-04-15T15:17:58.202Z", "assignerShortName": "cisco"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In Splunk MCP Server app versions below 1.0.3 , a user who holds a role with access to the Splunk `_internal` index or possesses the high-privilege capability `mcp_tool_admin` could view users session and authorization tokens in clear text.<br><br>The vulnerability would require either local access to the log files or administrative access to internal indexes, which by default only the admin role receives. <br><br>Review roles and capabilities on your instance and restrict internal index access to administrator-level roles. See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities) and [Connecting to MCP Server and Admin settings](https://help.splunk.com/en/splunk-enterprise/mcp-server-for-splunk-platform/connecting-to-mcp-server-and-admin-settings) in the Splunk documentation for more information."}], "id": "CVE-2026-20205", "lastModified": "2026-04-17T15:09:46.880", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "psirt@cisco.com", "type": "Primary"}]}, "published": "2026-04-15T16:16:34.653", "references": [{"source": "psirt@cisco.com", "url": "https://advisory.splunk.com/advisories/SVD-2026-0407"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-532"}], "source": "psirt@cisco.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[1.0,1.0.3)"}}], "enrichment": {"confidence": 83.0, "confidence_source": "matching", "scores": [{"score": 83.0, "source": "matching"}]}, "original": {"product": "Splunk MCP Server", "source": "cna", "vendor": "Splunk"}, "product": "mcp_server", "vendor": "splunk"}], "analysis": {"en": {"generated_at": "2026-04-15T19:24:02.994982+00:00", "value": {"mitigation_remediation": ["Upgrade Splunk MCP Server to version\u202f1.0.3 or later to eliminate the flaw.", "Restrict access to the _internal index by allocating it exclusively to the admin role and reviewing other roles for unnecessary access.", "Ensure that only trusted accounts retain the mcp_tool_admin capability; remove this capability from non\u2011admin users where possible."], "summary": {"action": "Apply Update", "impact": "Sensitive Information Disclosure"}, "threat_synthesis": {"affected_systems": "Any Splunk MCP Server deployment running a version older than 1.0.3 is affected. The vulnerability exists regardless of the installation environment as long as the user has either a role that can access the _internal index or the mcp_tool_admin capability.", "description_and_impact": "A flaw in Splunk MCP Server app versions earlier than 1.0.3 allows an authenticated user with the appropriate role or permission to read session and authorization tokens in clear text from the Splunk _internal index. The weakness is a case of information disclosure (CWE-532). If exploited, attackers could gain a clear view of authentication tokens used by services and users, potentially enabling session hijacking or privilege escalation, thereby compromising confidentiality and integrity of the system.", "risk_and_exploitability": "The CVSS score of 7.2 indicates a high severity, and although EPSS is not available, the lack of a publicly disclosed exploit coupled with the need for internal index access suggests that the attack would likely require local or privileged access, or the ability to impersonate a privileged account. The vulnerability is not listed in CISA\u2019s KEV catalog, implying no known active exploitation. The risk remains significant if internal indexes are accessed by compromised accounts or misconfigured roles."}}}}, "created": "2026-04-15T19:30:12.383084+00:00", "updated": "2026-04-15T20:30:13.607344+00:00", "vendors": ["splunk", "splunk$PRODUCT$mcp_server"]}