vulnerability

Splunk: CVE-2022-26070: Error message discloses internal path

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:P/I:N/A:N)	May 3, 2022	Apr 7, 2025	Oct 8, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:N/A:N)

Published

May 3, 2022

Added

Apr 7, 2025

Modified

Oct 8, 2025

Description

When handling a mismatched pre-authentication cookie, the application leaks the internal error message in the response, which contains the Splunk Enterprise local system path. The vulnerability impacts Splunk Enterprise versions before 8.1.0. The vulnerability impacts instances with Splunk Web enabled. SeeDisable unnecessary Splunk Enterprise componentsandweb.conffor more information on disabling Splunk Web.

Solution

splunk-upgrade-latest

References

CVE-2022-26070
https://attackerkb.com/topics/CVE-2022-26070
URL-https://advisory.splunk.com/advisories/SVD-2022-0507.html
CWE-200
CWE-209

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today