Description
In Splunk MCP Server app versions below 1.0.3, a user who holds a role with access to the Splunk `_internal` index or possesses the high-privilege capability `mcp_tool_admin` could view users' session and authorization tokens in clear text.

The vulnerability would require either local access to the log files or administrative access to internal indexes, which by default only the admin role receives.

Review roles and capabilities on your instance and restrict internal index access to administrator-level roles. See [Define roles on the Splunk platform with capabilities](https://docs.splunk.com/Documentation/Splunk/latest/Security/Rolesandcapabilities) and [Connecting to MCP Server and Admin settings](https://help.splunk.com/en/splunk-enterprise/mcp-server-for-splunk-platform/connecting-to-mcp-server-and-admin-settings) in the Splunk documentation for more information.
Published: 2026-04-15
Score: 7.2 High
EPSS: n/a
KEV: No
Impact: Sensitive Information Disclosure
Action: Apply Update
AI Analysis

Impact

A flaw in Splunk MCP Server app versions earlier than 1.0.3 allows an authenticated user with the appropriate role or permission to read session and authorization tokens in clear text from the Splunk _internal index. The weakness is a case of information disclosure (CWE-532). If exploited, attackers could gain a clear view of authentication tokens used by services and users, potentially enabling session hijacking or privilege escalation, thereby compromising confidentiality and integrity of the system.

Affected Systems

Any Splunk MCP Server deployment running a version older than 1.0.3 is affected. The vulnerability exists regardless of the installation environment as long as the user has either a role that can access the _internal index or the mcp_tool_admin capability.

Risk and Exploitability

The CVSS score of 7.2 indicates a high severity, and although EPSS is not available, the lack of a publicly disclosed exploit coupled with the need for internal index access suggests that the attack would likely require local or privileged access, or the ability to impersonate a privileged account. The vulnerability is not listed in CISA’s KEV catalog, implying no known active exploitation. The risk remains significant if internal indexes are accessed by compromised accounts or misconfigured roles.

Generated by OpenCVE AI on April 15, 2026 at 19:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Splunk MCP Server to version 1.0.3 or later to eliminate the flaw.
  • Restrict access to the _internal index by allocating it exclusively to the admin role and reviewing other roles for unnecessary access.
  • Ensure that only trusted accounts retain the mcp_tool_admin capability; remove this capability from non‑admin users where possible.


Advisories

No advisories yet.

History

Wed, 15 Apr 2026 20:45:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Splunk; Splunk mcp Server |
| Vendors & Products | | Splunk; Splunk mcp Server |

Wed, 15 Apr 2026 18:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | ssvc: `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}` |


Wed, 15 Apr 2026 15:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | Initial description added (same text as the Description section above) |
| Title | | Sensitive Information Disclosure in ''_internal'' index in Splunk MCP Server app |
| Weaknesses | | CWE-532 |
| References | | |
| Metrics | | cvssV3_1: `{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}` |


MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2026-04-15T17:39:19.517Z

Reserved: 2025-10-08T11:59:15.397Z

Link: CVE-2026-20205

Vulnrichment

Updated: 2026-04-15T17:39:15.608Z

NVD

Status: Received

Published: 2026-04-15T16:16:34.653

Modified: 2026-04-15T16:16:34.653

Link: CVE-2026-20205

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-15T20:30:13Z

Weaknesses