CVE-2026-20257— Splunk Enterprise Classic Dashboard CSS输入验证漏洞
影响版本矩阵 8
| 厂商 | 产品 | 版本范围 | 状态 |
|---|---|---|---|
| Splunk | Splunk Cloud Platform | 10.3.2512< 10.3.2512.13 | affected |
10.2.2510< 10.2.2510.15 | affected | ||
10.1.2507< 10.1.2507.23 | affected | ||
9.3.2411< 9.3.2411.132 | affected | ||
| Splunk | Splunk Enterprise | 10.2< 10.2.4 | affected |
10.0< 10.0.7 | affected | ||
9.4< 9.4.12 | affected | ||
9.3< 9.3.13 | affected |
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2026-20257 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗ 尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Improper Input Validation through Classic Dashboard CSS in Splunk Enterprise
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a classic dashboard that exfiltrates sensitive data from the browser of a higher-privileged user who views it. The exfiltration is possible because classic dashboard panels do not fully validate style attribute values, which can allow for requests to reach external domains outside the configured Trusted Domains List. The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The low-privileged user should not be able to exploit the vulnerability at will.
来源: 美国国家漏洞数据库 NVD
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
输入验证不恰当
来源: 美国国家漏洞数据库 NVD
受影响产品
| 厂商 | 产品 | 影响版本 | CPE | 订阅 |
|---|---|---|---|---|
| Splunk | Splunk Enterprise | 10.2 ~ 10.2.4 | - | |
| Splunk | Splunk Cloud Platform | 10.3.2512 ~ 10.3.2512.13 | - |
二、漏洞 CVE-2026-20257 的公开POC
| # | POC 描述 | 源链接 | 神龙链接 |
|---|
AI 生成 POC高级
未找到公开 POC。
登录以生成 AI POC三、漏洞 CVE-2026-20257 的情报信息
请登录查看更多情报信息。
CVE-2026-20257 厂商安全公告 (1)
同批安全公告 · Splunk · 2026-06-10 · 共 10 条
| CVE-2026-20253 | 9.8 CRITICAL | Splunk Enterprise PostgreSQL 侧车服务未授权任意文件创建与截断漏洞 |
| CVE-2026-20251 | 8.8 HIGH | Splunk Secure Gateway 反序列化漏洞导致远程代码执行 |
| CVE-2026-20252 | 7.6 HIGH | Splunk Enterprise Dashboard Studio PDF导出服务器端请求伪造漏洞 |
| CVE-2026-20258 | 7.1 HIGH | Splunk Enterprise 经典控制面板存储型XSS漏洞 |
| CVE-2026-20254 | 5.7 MEDIUM | Splunk Enterprise 外部内容限制绕过导致信息泄露漏洞 |
| CVE-2026-20255 | 5.7 MEDIUM | Splunk Enterprise 经典仪表板不当输入验证漏洞 |
| CVE-2026-20256 | 5.7 MEDIUM | Splunk Enterprise 传统仪表板协议相对URL输入验证漏洞 |
| CVE-2026-20259 | 5.5 MEDIUM | Splunk Enterprise 不当访问控制漏洞 |
| CVE-2026-20260 | 4.3 MEDIUM | Splunk SOAR HTTP请求路径日志注入漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2026-20257
暂无评论