本ページは splunk add-on_builder に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2023-46231 | In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on. | [email protected] | 6.8 | 0.20% | 2024-01-30 | 2024-11-21 |
| CVE-2023-46230 | In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files. | [email protected] | 8.2 | 0.05% | 2024-01-30 | 2024-11-21 |
| CVE-2023-22943 | In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs. | [email protected] | 4.8 | 0.28% | 2023-02-14 | 2024-11-21 |