Vulnerabilites related to Splunk - Splunk Add-on Builder
cve-2023-22943
Vulnerability from cvelistv5
Published
2023-02-14 17:22
Modified
2025-02-28 11:03
Severity ?
EPSS score ?
Summary
In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Splunk | Splunk Add-on Builder |
Version: 4.1 < 4.1.2 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:20:31.441Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://advisory.splunk.com/advisories/SVD-2023-0213", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Splunk Add-on Builder", vendor: "Splunk", versions: [ { lessThan: "4.1.2", status: "affected", version: "4.1", versionType: "custom", }, ], }, { product: "Splunk CloudConnect SDK", vendor: "Splunk", versions: [ { lessThan: "3.1.3", status: "affected", version: "3.1", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Chris Green", }, ], datePublic: "2023-02-14T00:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.", }, ], value: "In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.", }, ], metrics: [ { cvssV3_1: { baseScore: 4.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-636", description: "When the product encounters an error condition or failure, its design requires it to fall back to a state that is less secure than other options that are available, such as selecting the weakest encryption algorithm or using the most permissive access control restrictions.", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-28T11:03:49.432Z", orgId: "42b59230-ec95-491e-8425-5a5befa1a469", shortName: "Splunk", }, references: [ { url: "https://advisory.splunk.com/advisories/SVD-2023-0213", }, ], source: { advisory: "SVD-2023-0213", }, title: "Modular Input REST API Requests Connect via HTTP after Certificate Validation Failure in Splunk Add-on Builder and Splunk CloudConnect SDK", }, }, cveMetadata: { assignerOrgId: "42b59230-ec95-491e-8425-5a5befa1a469", assignerShortName: "Splunk", cveId: "CVE-2023-22943", datePublished: "2023-02-14T17:22:40.690Z", dateReserved: "2023-01-10T21:39:55.584Z", dateUpdated: "2025-02-28T11:03:49.432Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-46231
Vulnerability from cvelistv5
Published
2024-01-30 17:00
Modified
2025-02-28 11:03
Severity ?
EPSS score ?
Summary
In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Splunk | Splunk Add-on Builder |
Version: - < 4.1.4 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T20:37:40.153Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://advisory.splunk.com/advisories/SVD-2024-0110", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-46231", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-12T20:38:47.921274Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-12T20:39:05.063Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Splunk Add-on Builder", vendor: "Splunk", versions: [ { lessThan: "4.1.4", status: "affected", version: "-", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Vikram Ashtaputre, Splunk", }, ], datePublic: "2024-01-30T00:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on.", }, ], value: "In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on.", }, ], metrics: [ { cvssV3_1: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-532", description: "Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-28T11:03:46.800Z", orgId: "42b59230-ec95-491e-8425-5a5befa1a469", shortName: "Splunk", }, references: [ { url: "https://advisory.splunk.com/advisories/SVD-2024-0110", }, ], source: { advisory: "SVD-2024-0110", }, title: "Session Token Disclosure to Internal Log Files in Splunk Add-on Builder", }, }, cveMetadata: { assignerOrgId: "42b59230-ec95-491e-8425-5a5befa1a469", assignerShortName: "Splunk", cveId: "CVE-2023-46231", datePublished: "2024-01-30T17:00:46.832Z", dateReserved: "2023-10-19T16:01:29.823Z", dateUpdated: "2025-02-28T11:03:46.800Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-46230
Vulnerability from cvelistv5
Published
2024-01-30 17:00
Modified
2025-02-28 11:03
Severity ?
EPSS score ?
Summary
In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Splunk | Splunk Add-on Builder |
Version: - < 4.1.4 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T20:37:40.135Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://advisory.splunk.com/advisories/SVD-2024-0111", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Splunk Add-on Builder", vendor: "Splunk", versions: [ { lessThan: "4.1.4", status: "affected", version: "-", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Vikram Ashtaputre, Splunk", }, ], datePublic: "2024-01-30T00:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files.", }, ], value: "In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files.", }, ], metrics: [ { cvssV3_1: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-532", description: "Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-28T11:03:45.898Z", orgId: "42b59230-ec95-491e-8425-5a5befa1a469", shortName: "Splunk", }, references: [ { url: "https://advisory.splunk.com/advisories/SVD-2024-0111", }, ], source: { advisory: "SVD-2024-0111", }, title: "Sensitive Information Disclosure to Internal Log Files in Splunk Add-on Builder", }, }, cveMetadata: { assignerOrgId: "42b59230-ec95-491e-8425-5a5befa1a469", assignerShortName: "Splunk", cveId: "CVE-2023-46230", datePublished: "2024-01-30T17:00:49.161Z", dateReserved: "2023-10-19T16:01:29.822Z", dateUpdated: "2025-02-28T11:03:45.898Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }