CVE-2023-22943

Summary

In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.

Affected Software

VendorProductVersion RangeStatus
SplunkSplunk Add-on Builder4.1 < 4.1.2affected
SplunkSplunk CloudConnect SDK3.1 < 3.1.3affected

Weaknesses

  • CWE-636: When the product encounters an error condition or failure, its design requires it to fall back to a state that is less secure than other options that are available, such as selecting the weakest encryption algorithm or using the most permissive access control restrictions.

ADP Enrichment

CVE Program Container

Additional References

References