Vulnerabilities > Splunk > ADD ON Builder > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-01-30 CVE-2023-46230 Information Exposure Through Log Files vulnerability in Splunk Add-On Builder 4.1.0/4.1.1/4.1.2
In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files.
network
low complexity
splunk CWE-532
4.9
2023-02-14 CVE-2023-22943 Improper Certificate Validation vulnerability in Splunk products
In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.
network
low complexity
splunk CWE-295
5.3