CVE-2023-22943

In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs. The vulnerability affects AoB and apps that AoB generates when using the REST API Modular Input functionality through its user interface. The vulnerability also potentially affects third-party apps and add-ons that call the *cloudconnectlib.splunktacollectorlib.cloud_connect_mod_input* Python class directly.
References
Link Resource
https://advisory.splunk.com/advisories/SVD-2023-0213 Mitigation Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:splunk:cloudconnect_software_development_kit:*:*:*:*:*:*:*:*
cpe:2.3:a:splunk:add-on_builder:*:*:*:*:*:*:*:*

Information

Published : 2023-02-14 06:15

Updated : 2023-02-23 04:17


NVD link : CVE-2023-22943

Mitre link : CVE-2023-22943

Products Affected
No products.
CWE
No CWE.