Not Failing Securely ('Failing Open')

CVE-2023-22943

Medium

4.8/10

Summary

In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.

Attack Complexity: HIGH
Attack Vector: NETWORK
Integrity Impact: LOW
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: NONE

CWE-636 - Not Failing Securely ('Failing Open')

When the product encounters an error condition or failure, its design requires it to fall back to a state that is less secure than other options that are available, such as selecting the weakest encryption algorithm or using the most permissive access control restrictions.

References

Advisory Timeline

Published Feb 14, 2023

Not Failing Securely ('Failing Open')

CVE-2023-22943

Summary

CWE-636 - Not Failing Securely ('Failing Open')

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS