17 matches found
EUVD-2023-27045
Malicious code in bioql PyPI...
EUVD-2023-50469
Malicious code in bioql PyPI...
EUVD-2023-50470
Malicious code in bioql PyPI...
The vulnerability of the Session Token Handler component in the application for creating supplements, related to integrating external data sources with the Splunk Add-on Builder platform, arises from improper processing of output data for registration logs. This allows a malicious actor to gain unauthorized access to edit the application.
The vulnerability of the Session Token Handler component in application add-ons for integrating external data sources with the Splunk Add-on Builder platform is related to improper processing of output data for registration logs. Exploiting this vulnerability allows a malicious actor, operating...
CVE-2023-46231
In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on...
CVE-2023-46231
In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on...
Information disclosure
In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files...
CVE-2023-46230 Sensitive Information Disclosure to Internal Log Files in Splunk Add-on Builder
In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files...
CVE-2023-46230 Sensitive Information Disclosure to Internal Log Files in Splunk Add-on Builder
In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files...
CVE-2023-46231 Session Token Disclosure to Internal Log Files in Splunk Add-on Builder
In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on...
CVE-2023-46231 Session Token Disclosure to Internal Log Files in Splunk Add-on Builder
In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on...
Splunk Security Breach
Splunk is a suite of data collection and analysis software from Splunk, Inc. in the United States. The software is primarily used to collect, index, and analyze and the data it generates, including data generated by all IT systems and infrastructures physical, virtual machines, and cloud. A...
PT-2024-1641 · Splunk · Splunk Add-On Builder
Name of the Vulnerable Software and Affected Versions: Splunk Add-on Builder versions prior to 4.1.4 Description: The issue is related to the application writing user session tokens to its internal log files when visiting the Splunk Add-on Builder or when building or editing a custom app or add-o...
PT-2024-1642 · Splunk · Splunk Add-On Builder
Name of the Vulnerable Software and Affected Versions: Splunk Add-on Builder versions prior to 4.1.4 Description: The issue is related to improper handling of log output, allowing a remote attacker to write arbitrary information to internal log files. This can lead to the exposure of sensitive...
CVE-2023-22943
In Splunk Add-on Builder AoB versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs...
PT-2023-18787 · Splunk · Splunk Cloudconnect Sdk +1
Name of the Vulnerable Software and Affected Versions: Splunk Add-on Builder versions prior to 4.1.2 Splunk CloudConnect SDK versions prior to 3.1.3 Description: The issue occurs when requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after...
Splunk 信任管理问题漏洞
Splunk is a suite of data collection and analysis software from Splunk, Inc. in the United States. The software is primarily used to collect, index, and analyze and the data it generates, including data generated by all IT systems and infrastructures physical, virtual machines, and cloud. A trust...