CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-22943

In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.1%

CVSS Severity

CVSS v3 Score 4.8

References

https://advisory.splunk.com/advisories/SVD-2023-0213
https://advisory.splunk.com/advisories/SVD-2023-0213

Products affected by CVE-2023-22943

Splunk » Add-On Builder » Version: 4.1.0

cpe:2.3:a:splunk:add-on_builder:4.1.0
Splunk » Add-On Builder » Version: 4.1.1

cpe:2.3:a:splunk:add-on_builder:4.1.1
Splunk » Cloudconnect Software Development Kit » Version: 3.1.0

cpe:2.3:a:splunk:cloudconnect_software_development_kit:3.1.0
Splunk » Cloudconnect Software Development Kit » Version: 3.1.2

cpe:2.3:a:splunk:cloudconnect_software_development_kit:3.1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-22943

Products

Pricing

Contact Us