CVE-2023-46231
CVSS 3.1 Score 7.2 of 10 (high)
Details
Published Jan 30, 2024
Updated: Apr 10, 2024
CWE ID 532
Summary
CVE-2023-46231 is a vulnerability affecting Splunk Add-on Builder versions prior to 4.1.4. This issue allows user session tokens to be written in the application's internal log files, which could potentially lead to unauthorized access if the log files are accessed by unauthorized users. The tokens, which are used to authenticate and authorize user actions, can provide attackers with the ability to impersonate legitimate users or perform actions on their behalf. It is essential to update Splunk Add-on Builder to the latest version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Splunk