CVE-2023-46231

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Jan 30, 2024

Updated: Apr 10, 2024

CWE ID 532

Summary

CVE-2023-46231 is a vulnerability affecting Splunk Add-on Builder versions prior to 4.1.4. This issue allows user session tokens to be written in the application's internal log files, which could potentially lead to unauthorized access if the log files are accessed by unauthorized users. The tokens, which are used to authenticate and authorize user actions, can provide attackers with the ability to impersonate legitimate users or perform actions on their behalf. It is essential to update Splunk Add-on Builder to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Splunk

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tEfXRa
https://www.cve.org/CVERecord?id=CVE-2023-46231
https://nvd.nist.gov/vuln/detail/CVE-2023-46231

Back to Vulnerability Database

CVE-2023-46231

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations