CVE-2023-22943 MEDIUM

CVE-2023-22943: Modular Input REST API Requests Connect via HTTP after Certificate Validation Failure in Splunk Add-on Builder and Splunk CloudConnect SDK

Vendor Splunk
Product Splunk Add-on Builder
Weakness CWE-636
Published February 14, 2023
Last update February 28, 2025
View on NVD All CVEs

CVSS base score

4.8/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.

Key dates

02Disclosure timeline

February 14, 2023 CVE published
February 28, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2026-41334 OpenClaw < 2026.3.31 - Decompression Bomb Denial of Service via Image Pixel-Limit Guard Bypass CVE-2024-3729 Frontend Admin by DynamiApps <= 3.19.4 - Improper Missing Encryption Exception Handling to Form Manipulation CVE-2026-32970 OpenClaw < 2026.3.11 - Credential Fallback Logic Bypass via Unavailable Local Auth SecretRefs CVE-2025-41760 Pass filter with Empty Table CVE-2024-8185 Vault Vulnerable to Denial of Service When Processing Raft Join Requests