Vulnerabilities > Splunk > Cloudconnect Software Development KIT > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-02-14 CVE-2023-22943 Improper Certificate Validation vulnerability in Splunk products
In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.
network
low complexity
splunk CWE-295
5.3