{"id":234400,"date":"2026-06-21T03:20:19","date_gmt":"2026-06-21T07:20:19","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/21\/u-s-cisa-adds-splunk-enterprise-flaw-to-its-known-exploited-vulnerabilities-catalog-and-urges-agencies-to-fix-it-by-sunday\/"},"modified":"2026-06-21T03:20:21","modified_gmt":"2026-06-21T07:20:21","slug":"u-s-cisa-adds-splunk-enterprise-flaw-to-its-known-exploited-vulnerabilities-catalog-and-urges-agencies-to-fix-it-by-sunday","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/21\/u-s-cisa-adds-splunk-enterprise-flaw-to-its-known-exploited-vulnerabilities-catalog-and-urges-agencies-to-fix-it-by-sunday\/","title":{"rendered":"U.S. CISA adds Splunk Enterprise\u00a0flaw to its Known Exploited Vulnerabilities catalog and urges agencies to fix it by Sunday"},"content":{"rendered":"<p><a href=\"https:\/\/securityaffairs.com\/193888\/security\/u-s-cisa-adds-splunk-enterprise-flaw-to-its-known-exploited-vulnerabilities-catalog-and-urges-agencies-to-fix-it-by-sunday.html\">U.S. CISA adds Splunk Enterprise\u00a0flaw to its Known Exploited Vulnerabilities catalog and urges agencies to fix it by Sunday<\/a><\/p>\n<p><a href=\"https:\/\/securityaffairs.com\/193888\/security\/u-s-cisa-adds-splunk-enterprise-flaw-to-its-known-exploited-vulnerabilities-catalog-and-urges-agencies-to-fix-it-by-sunday.html\">https:\/\/securityaffairs.com\/193888\/security\/u-s-cisa-adds-splunk-enterprise-flaw-to-its-known-exploited-vulnerabilities-catalog-and-urges-agencies-to-fix-it-by-sunday.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-19 06:34:37<\/a><\/p>\n<p>Source Domain: <a href=\"securityaffairs.com\">securityaffairs.com<\/a><\/p>\n<p>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included a severe Splunk Enterprise vulnerability, CVE-2026-20253, tracking an improper authentication issue in the PostgreSQL sidecar service, on its Known Exploited Vulnerabilities catalog. The vulnerability, rated with a high CVSS score of 9.8, enables unauthenticated attackers to create or truncate arbitrary files on affected systems, potentially leading to data loss, service disruption, or further compromise. The flaw arises from missing authentication controls on a PostgreSQL service endpoint, compromising systems running Splunk Enterprise versions 10.2 prior to 10.2.4 and versions 10.x below 10.0.7. Splunk confirmed awareness of limited active exploitation and urged immediate remediation through software updates. To protect their systems, CISA has mandated federal agencies to address the vulnerability by June 21, 2026, under the Binding Operational Directive (BOD) 22-01. Until patches can be applied, mitigation can be achieved by disabling the PostgreSQL sidecar service.<\/p>\n<p>Key Points:<br \/>\n&#8211; CVE-2026-20253 is a critical flaw in Splunk Enterprise affecting improper authentication in the PostgreSQL sidecar service.<br \/>\n&#8211; The vulnerability allows remote attackers to create or truncate files without credentials, risking data loss and service disruption.<br \/>\n&#8211; The flaw affects Splunk Enterprise versions 10.2 below 10.2.4 and 10.x below 10.0.7.<br \/>\n&#8211; CISA has mandated federal agencies to fix the issue by June 21, 2026, and recommends immediate upgrade to patched software versions.<br \/>\n&#8211; Until patching is practical, organizations should disable the PostgreSQL sidecar service to mitigate risk.<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>U.S. CISA adds Splunk Enterprise\u00a0flaw to its Known Exploited Vulnerabilities catalog and urges agencies to&#8230;<\/p>\n","protected":false},"author":1,"featured_media":234401,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/securityaffairs.com\/wp-content\/uploads\/2020\/07\/CISA.jpeg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,27],"class_list":["post-234400","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/234400"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=234400"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/234400\/revisions"}],"predecessor-version":[{"id":234402,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/234400\/revisions\/234402"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/234401"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=234400"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=234400"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=234400"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}