Add-on Builder
by Splunk
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-46230 | 0.00 | — | 0.00 | Jan 30, 2024 | In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files. | |||
| CVE-2023-46231 | 0.00 | — | 0.00 | Jan 30, 2024 | In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on. | |||
| CVE-2023-22943 | 0.00 | — | 0.00 | Feb 14, 2023 | In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs. |
- CVE-2023-46230Jan 30, 2024risk 0.00cvss —epss 0.00
In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files.
- CVE-2023-46231Jan 30, 2024risk 0.00cvss —epss 0.00
In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on.
- CVE-2023-22943Feb 14, 2023risk 0.00cvss —epss 0.00
In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.