vulnerability

Splunk: CVE-2021-26253: Bypass of Splunk Enterprise's implementation of DUO MFA

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	May 3, 2022	Apr 7, 2025	Oct 8, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

May 3, 2022

Added

Apr 7, 2025

Modified

Oct 8, 2025

Description

A potential vulnerability in Splunk Enterprise’s implementation of DUO MFA allows for bypassing the MFA verification in Splunk Enterprise versions before 8.1.6. The potential vulnerability impacts Splunk Enterprise instances configured to use DUO MFA and does not impact or affect a DUO product or service. For more information on securing Splunk Enterprise logins with DUO MFA, seeAbout Multi Factor Auth.

Solution

splunk-upgrade-latest

References

CVE-2021-26253
https://attackerkb.com/topics/CVE-2021-26253
URL-https://advisory.splunk.com/advisories/SVD-2022-0504.html
CWE-287

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today