Splunk Add On Builder
By the Year
In 2024 there have been 2 vulnerabilities in Splunk Add On Builder with an average score of 6.1 out of ten. Last year Add On Builder had 1 security vulnerability published. That is, 1 more vulnerability have already been reported in 2024 as compared to last year. However, the average CVE base score of the vulnerabilities in 2024 is greater by 0.75.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 2 | 6.05 |
| 2023 | 1 | 5.30 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Add On Builder vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Splunk Add On Builder Security Vulnerabilities
In Splunk Add-on Builder versions below 4.1.4
CVE-2023-46231
7.2 - High
- January 30, 2024
In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on.
Insertion of Sensitive Information into Log File
In Splunk Add-on Builder versions below 4.1.4
CVE-2023-46230
4.9 - Medium
- January 30, 2024
In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files.
Insertion of Sensitive Information into Log File
In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3
CVE-2023-22943
5.3 - Medium
- February 14, 2023
In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.
Improper Certificate Validation
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Splunk Add On Builder or by Splunk? Click the Watch button to subscribe.
