cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-46230,https://securityvulnerability.io/vulnerability/CVE-2023-46230,Sensitive Information Disclosure to Internal Log Files in Splunk Add-on Builder,"In versions of Splunk Add-on Builder prior to 4.1.4, the application exhibits a vulnerability where it inadvertently writes sensitive information to internal log files. This can lead to unauthorized access to sensitive data, increasing the risk of data exposure and potential misuse. Organizations using affected versions are advised to upgrade to the latest version to mitigate this security risk and protect their data integrity.",Splunk,Splunk Add-on Builder,8.2,HIGH,0.0006399999838322401,false,,false,false,false,,,false,false,,2024-01-30T17:00:49.161Z,0
CVE-2023-46231,https://securityvulnerability.io/vulnerability/CVE-2023-46231,Session Token Disclosure to Internal Log Files in Splunk Add-on Builder,"An identified vulnerability in Splunk Add-on Builder allows the application to log user session tokens in its internal files when users access the application or modify custom apps. This exposure can potentially lead to unauthorized access, as sensitive session information is stored insecurely in log files. Organizations that utilize affected versions prior to 4.1.4 should assess their security protocols and apply the necessary updates to mitigate the risk associated with this vulnerability.",Splunk,Splunk Add-on Builder,8.8,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2024-01-30T17:00:46.832Z,0
CVE-2023-22943,https://securityvulnerability.io/vulnerability/CVE-2023-22943,Modular Input REST API Requests Connect via HTTP after Certificate Validation Failure in Splunk Add-on Builder and Splunk CloudConnect SDK,"In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.",Splunk,"Splunk Add-on Builder,Splunk Cloudconnect Sdk",4.8,MEDIUM,0.0007200000109151006,false,,false,false,false,,,false,false,,2023-02-14T18:15:00.000Z,0