Unrated severityNVD Advisory· Published Feb 14, 2023· Updated Feb 28, 2025
Modular Input REST API Requests Connect via HTTP after Certificate Validation Failure in Splunk Add-on Builder and Splunk CloudConnect SDK
CVE-2023-22943
Description
In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<3.1.3+ 1 more
- (no CPE)range: <3.1.3
- (no CPE)range: 3.1
<4.1.2+ 1 more
- (no CPE)range: <4.1.2
- (no CPE)range: 4.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.