Vulnerabilities related to Splunk - Splunk CloudConnect SDK
cve-2023-22943
Vulnerability from cvelistv5
Published
2023-02-14 17:22
Modified
2025-02-28 11:03
Summary
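In Splunk Add-on Builder (AoB) versions below 4.1.2 and Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs made through the REST API Modular Input incorrectly fall back to plain HTTP after an attempt to connect over HTTPS fails. The record's title identifies the triggering failure as a certificate validation failure, so a request that should have been refused is instead sent unencrypted, where it can be read or altered in transit; the record classifies this as CWE-636 (not failing securely) and rates the confidentiality and integrity impact as low. Add-on Builder 4.1.2 and CloudConnect SDK 3.1.3 and later fall outside the affected range stated here.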
Impacted products


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T10:20:31.441Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://advisory.splunk.com/advisories/SVD-2023-0213",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Splunk Add-on Builder",
               vendor: "Splunk",
               versions: [
                  {
                     lessThan: "4.1.2",
                     status: "affected",
                     version: "4.1",
                     versionType: "custom",
                  },
               ],
            },
            {
               product: "Splunk CloudConnect SDK",
               vendor: "Splunk",
               versions: [
                  {
                     lessThan: "3.1.3",
                     status: "affected",
                     version: "3.1",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Chris Green",
            },
         ],
         datePublic: "2023-02-14T00:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.",
                  },
               ],
               value: "In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  baseScore: 4.8,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
                  version: "3.1",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-636",
                     description: "When the product encounters an error condition or failure, its design requires it to fall back to a state that is less secure than other options that are available, such as selecting the weakest encryption algorithm or using the most permissive access control restrictions.",
                     lang: "en",
                     type: "cwe",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-02-28T11:03:49.432Z",
            orgId: "42b59230-ec95-491e-8425-5a5befa1a469",
            shortName: "Splunk",
         },
         references: [
            {
               url: "https://advisory.splunk.com/advisories/SVD-2023-0213",
            },
         ],
         source: {
            advisory: "SVD-2023-0213",
         },
         title: "Modular Input REST API Requests Connect via HTTP after Certificate Validation Failure in Splunk Add-on Builder and Splunk CloudConnect SDK",
      },
   },
   cveMetadata: {
      assignerOrgId: "42b59230-ec95-491e-8425-5a5befa1a469",
      assignerShortName: "Splunk",
      cveId: "CVE-2023-22943",
      datePublished: "2023-02-14T17:22:40.690Z",
      dateReserved: "2023-01-10T21:39:55.584Z",
      dateUpdated: "2025-02-28T11:03:49.432Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}