Session Token Disclosure to Internal Log Files in Splunk Add-on Builder
CVE-2023-46231

8.8HIGH

Key Information:

Vendor: Splunk
Status: Splunk Add-on Builder
Vendor: CVE Published:; 30 January 2024

Summary

An identified vulnerability in Splunk Add-on Builder allows the application to log user session tokens in its internal files when users access the application or modify custom apps. This exposure can potentially lead to unauthorized access, as sensitive session information is stored insecurely in log files. Organizations that utilize affected versions prior to 4.1.4 should assess their security protocols and apply the necessary updates to mitigate the risk associated with this vulnerability.

Affected Version(s)

Splunk Add-on Builder - < 4.1.4

References

https://advisory.splunk.com/advisories/SVD-2024-0110

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 30, 2024
Vulnerability Reserved
Oct 19, 2023

Credit

Vikram Ashtaputre, Splunk