https://community.splunk.com/t5/Monitoring-Splunk/Disabling-CBC-mode-ciphers/m-p/167546#M7841 <P>Just an update to make sure people use the current options: (v7.3+)</P> <P><A href="https://docs.splunk.com/Documentation/Splunk/latest/Security/Ciphersuites">https://docs.splunk.com/Documentation/Splunk/latest/Security/Ciphersuites</A></P> <P>HTH,</P> <P>Holger</P> Mon, 29 Jul 2019 13:04:06 GMT hsesterhenn_spl 2019-07-29T13:04:06Z https://community.splunk.com/t5/Monitoring-Splunk/Disabling-CBC-mode-ciphers/m-p/167543#M7838 <P>Hi Team,</P> <P><STRONG>SSLv3.0/TLSv1.0 Protocol Weak CBC Mode vulnerability</STRONG> have been identified on Splunk during internal scan. <BR /> The internal PA team asked us to upgrade to TLSv1.1 or TLSv1.2,if not possible to upgrade they asked us to disable CBC mode ciphers.<BR /> It could be better if you could guide us to fix the issue.<STRONG>strong text</STRONG></P> <P>Regards,<BR /> Shiva</P> Fri, 16 May 2014 13:32:55 GMT https://community.splunk.com/t5/Monitoring-Splunk/Disabling-CBC-mode-ciphers/m-p/167543#M7838 lal37 2014-05-16T13:32:55Z https://community.splunk.com/t5/Monitoring-Splunk/Disabling-CBC-mode-ciphers/m-p/167544#M7839 <P>For Splunkd (port 8089 by default) - the proper setting of cipher suites is in <CODE>server.conf</CODE> under the <CODE>sslConfig</CODE> stanza, set the <CODE>cipherSuite</CODE> option using a valid OpenSSL cipher suite specification. See <A href="http://docs.splunk.com/Documentation/Splunk/latest/Admin/Serverconf">http://docs.splunk.com/Documentation/Splunk/latest/Admin/Serverconf</A></P> <P>For splunkweb, there are similar settings in <CODE>web.conf</CODE>.</P> Fri, 16 May 2014 15:05:04 GMT https://community.splunk.com/t5/Monitoring-Splunk/Disabling-CBC-mode-ciphers/m-p/167544#M7839 dwaddle 2014-05-16T15:05:04Z https://community.splunk.com/t5/Monitoring-Splunk/Disabling-CBC-mode-ciphers/m-p/167545#M7840 <P>Hi dawadle,</P> <P>I would like to know how we can replace SSL version to TLS version.<BR /> I guess by default splunk is using SSL encryption.<BR /> Please advice.</P> <P>Thanks and Regards,<BR /> Shiva</P> Mon, 26 May 2014 04:33:58 GMT https://community.splunk.com/t5/Monitoring-Splunk/Disabling-CBC-mode-ciphers/m-p/167545#M7840 lal37 2014-05-26T04:33:58Z https://community.splunk.com/t5/Monitoring-Splunk/Disabling-CBC-mode-ciphers/m-p/167546#M7841 <P>Just an update to make sure people use the current options: (v7.3+)</P> <P><A href="https://docs.splunk.com/Documentation/Splunk/latest/Security/Ciphersuites">https://docs.splunk.com/Documentation/Splunk/latest/Security/Ciphersuites</A></P> <P>HTH,</P> <P>Holger</P> Mon, 29 Jul 2019 13:04:06 GMT https://community.splunk.com/t5/Monitoring-Splunk/Disabling-CBC-mode-ciphers/m-p/167546#M7841 hsesterhenn_spl 2019-07-29T13:04:06Z