This page lists publicly disclosed CVE vulnerabilities affecting splunk add-on_builder (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-46231 | In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on. | [email protected] | 6.8 | 0.20% | 2024-01-30 | 2024-11-21 |
| CVE-2023-46230 | In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files. | [email protected] | 8.2 | 0.05% | 2024-01-30 | 2024-11-21 |
| CVE-2023-22943 | In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs. | [email protected] | 4.8 | 0.28% | 2023-02-14 | 2024-11-21 |