Splunk Enterprise vulnerability: Find impacted assets
ID: aa266c42-53ee-59ce-8b3a-b1f43e448fed
STIX ID: report--aa266c42-53ee-59ce-8b3a-b1f43e448fed
Feed Name: runZero Blog
## Executive summary Splunk disclosed a critical vulnerability (CVE-2026-20253, CVSS 9.8) in the PostgreSQL Sidecar Service of Splunk Enterprise that permits unauthenticated remote file uploads enabling forged database connections, administrative actions, and remote code execution; affected versions include 10.0.0–10.0.6 and 10.2.0–10.2.3, and Splunk recommends updating to 10.0.7 or 10.2.4 (or later) and following provided mitigations; the advisory also includes a runZero query to identify potentially impacted assets.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
