splunk

add-on_builder

3 known vulnerabilities · sorted by CVSS score

CVE-2023-46230

HIGH8.2

In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files.

splunk / add-on_builder

Network

Published Jan 30, 2024

CVE-2023-46231

MEDIUM6.8

In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on.

splunk / add-on_builder

Network

Published Jan 30, 2024

CVE-2023-22943

MEDIUM4.8

In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.

splunk / add-on_builder+1

Network

Published Feb 14, 2023