cve/2023/CVE-2023-22943.md

### [CVE-2023-22943](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22943)
![](https://img.shields.io/static/v1?label=Product&message=Splunk%20Add-on%20Builder&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Splunk%20CloudConnect%20SDK&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=3.1%3C%203.1.3%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.1%3C%204.1.2%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=When%20the%20product%20encounters%20an%20error%20condition%20or%20failure%2C%20its%20design%20requires%20it%20to%20fall%20back%20to%20a%20state%20that%20is%20less%20secure%20than%20other%20options%20that%20are%20available%2C%20such%20as%20selecting%20the%20weakest%20encryption%20algorithm%20or%20using%20the%20most%20permissive%20access%20control%20restrictions.&color=brighgreen)

### Description

In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2023-22943](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22943)`
			`![](https://img.shields.io/static/v1?label=Product&message=Splunk%20Add-on%20Builder&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Splunk%20CloudConnect%20SDK&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=3.1%3C%203.1.3%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=4.1%3C%204.1.2%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=When%20the%20product%20encounters%20an%20error%20condition%20or%20failure%2C%20its%20design%20requires%20it%20to%20fall%20back%20to%20a%20state%20that%20is%20less%20secure%20than%20other%20options%20that%20are%20available%2C%20such%20as%20selecting%20the%20weakest%20encryption%20algorithm%20or%20using%20the%20most%20permissive%20access%20control%20restrictions.&color=brighgreen)`

			`### Description`

			`In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/fkie-cad/nvd-json-data-feeds`