SplunkCVELIST:CVE-2023-22943CVE-2023-22943 Modular Input REST API Requests Connect via HTTP after Certificate Validation Failure in Splunk Add-on Builder and Splunk CloudConnect SDK
4.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
5.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.3%
In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.
CNA Affected
[
{
"product": "Splunk Add-on Builder",
"vendor": "Splunk",
"versions": [
{
"version": "4.1",
"status": "affected",
"versionType": "custom",
"lessThan": "4.1.2"
}
]
},
{
"product": "Splunk CloudConnect SDK",
"vendor": "Splunk",
"versions": [
{
"version": "3.1",
"status": "affected",
"versionType": "custom",
"lessThan": "3.1.3"
}
]
}
]Related
4.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
5.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.3%