SSLv3.0/TLSv1.0 Protocol Weak CBC Mode vulnerability have been identified on Splunk during internal scan.
The internal PA team asked us to upgrade to TLSv1.1 or TLSv1.2,if not possible to upgrade they asked us to disable CBC mode ciphers.
It could be better if you could guide us to fix the issue.strong text
For Splunkd (port 8089 by default) - the proper setting of cipher suites is in
server.conf under the
sslConfig stanza, set the
cipherSuite option using a valid OpenSSL cipher suite specification. See http://docs.splunk.com/Documentation/Splunk/latest/Admin/Serverconf
For splunkweb, there are similar settings in
I would like to know how we can replace SSL version to TLS version.
I guess by default splunk is using SSL encryption.
Thanks and Regards,