GHSA-7rq8-f887-2r5gMediumCVSS 6.5

In Splunk AI Toolkit versions below 5.7.3, a low-privileged user that does not hold the 'admin'...

Published
May 20, 2026
Last Modified
May 20, 2026

🔗 CVE IDs covered (1)

📋 Description

In Splunk AI Toolkit versions below 5.7.3, a low-privileged user that does not hold the 'admin' or 'power' roles could access confidential data that was restricted through srchFilter configurations on custom roles.The app contains an authorize.conf configuration file with a srchFilter entry that modifies the built-in ‘user’ role. Because the Splunk platform combines inherited search filters with the OR SPL operator, the injected filter overrides more restrictive filters on child roles.

🔗 References (3)