https://community.splunk.com/t5/Splunk-Enterprise/OpenSSL-SEoL-1-1-1-x/m-p/697830#M20096 <P>What version of the app are you using?&nbsp; Does the vulnerability tool report a CVE?&nbsp; What is it?</P> Fri, 30 Aug 2024 13:30:39 GMT richgalloway 2024-08-30T13:30:39Z https://community.splunk.com/t5/Splunk-Enterprise/OpenSSL-SEoL-1-1-1-x/m-p/697785#M20092 <P>Our vulnerability scan is reporting a critical severity finding affecting several components of Splunk Enterprise related to OpenSSL (1.1.1.x) version that has become EOL/EOS. My researches seem to point out that this version of OpenSSL may not yet be EOS for Splunk due to a purchase of an extended support contract; however, I have been unsuccessful in finding a documentation to support this. Please help provide this information or suggest how this finding can be addressed.</P><P><EM>Path : /opt/splunk/etc/apps/Splunk_SA_Scientific_Python_linux_x86_64/bin/linux_x86_64/lib/libcrypto.so</EM><BR /><EM>Installed version : 1.1.1k</EM><BR /><EM>Security End of Life : September 11, 2023</EM><BR /><EM>Time since Security End of Life (Est.) : &gt;= 6 months</EM></P><P>&nbsp;Thank you.</P> Thu, 29 Aug 2024 22:54:57 GMT https://community.splunk.com/t5/Splunk-Enterprise/OpenSSL-SEoL-1-1-1-x/m-p/697785#M20092 benedicteflora 2024-08-29T22:54:57Z https://community.splunk.com/t5/Splunk-Enterprise/OpenSSL-SEoL-1-1-1-x/m-p/697830#M20096 <P>What version of the app are you using?&nbsp; Does the vulnerability tool report a CVE?&nbsp; What is it?</P> Fri, 30 Aug 2024 13:30:39 GMT https://community.splunk.com/t5/Splunk-Enterprise/OpenSSL-SEoL-1-1-1-x/m-p/697830#M20096 richgalloway 2024-08-30T13:30:39Z