Security
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Question about SVD-2023-0805

intgmt
Engager
‎09-04-2023 05:23 AM

I have a question about security advisory SVD-2023-0805. It states only Splunk Web is affected, but the description clearly mentions the issue is caused by how OpenSSL is built, which is a very generic library. For this reason I would like to check if indeed only Splunk Web is affected, or that Splunk installations on Windows in general are affected.

I can imagine that OpenSSL is also used when a SSL/TLS connection is made from a forwarder to an indexer. This leads to the question: are universal forwarders on Windows also affected by this security advisory, even when Splunk Web is disabled?

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎09-04-2023 07:02 AM

I don't understand it, either, but Splunk engineering has confirmed only Splunk Web is affected.  That would exclude all Universal Forwarders.

---
If this reply helps you, Karma would be appreciated.
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Index This | What travels the world but is also stuck in place?

April 2026 Edition  Hayyy Splunk Education Enthusiasts and the Eternally Curious!   We’re back with this ...

Discover New Use Cases: Unlock Greater Value from Your Existing Splunk Data

Realizing the full potential of your Splunk investment requires more than just understanding current usage; it ...

Continue Your Journey: Join Session 2 of the Data Management and Federation Bootcamp ...

As data volumes continue to grow and environments become more distributed, managing and optimizing data ...