In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.
When the product encounters an error condition or failure, its design requires it to fall back to a state that is less secure than other options that are available, such as selecting the weakest encryption algorithm or using the most permissive access control restrictions.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Add-on_builder | Splunk | 4.1.0 (including) | 4.1.2 (excluding) |
| Cloudconnect_software_development_kit | Splunk | 3.1.0 (including) | 3.1.3 (excluding) |