Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Will upgrading to Splunk Cloud 9.0.2303.100 fix Splunk vulnerabilities June 1st?

aberger0
Engager
‎06-05-2023 07:26 AM

Hello,

Splunk published multiple vulnerabilities on June 1st. Reading through the documentation of every vulnerability found. The Product Status states that the fix version is Splunk Cloud 9.0.2303.100. Would that mean that we would not need to worry about the vulnerabilities anymore?

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

isoutamo
SplunkTrust
SplunkTrust
‎06-05-2023 07:37 AM

Hi

you should look those from https://advisory.splunk.com/advisories. This https://advisory.splunk.com/advisories/SVD-2023-0615 told what issues have fixed with 9.0.2303.100 version.

r. Ismo

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

isoutamo
SplunkTrust
SplunkTrust
‎06-05-2023 07:37 AM

Hi

you should look those from https://advisory.splunk.com/advisories. This https://advisory.splunk.com/advisories/SVD-2023-0615 told what issues have fixed with 9.0.2303.100 version.

r. Ismo

0 Karma
Reply
Solved! Jump to solution

aberger0
Engager
‎06-05-2023 07:51 AM

Thank you for the quick response!

Correct me if I'm wrong, but https://advisory.splunk.com/advisories/SVD-2023-0615 is a list of third party packages with CVEs that were fixed.

How about this CVE: SVD-2023-0611 | Splunk Vulnerability Disclosure which was stated in the Product Status section that the fix version is 9.0.2303.100? Is my understanding correct that version 9.0.2303.100 remediates this CVE?

0 Karma
Reply
Solved! Jump to solution

isoutamo
SplunkTrust
SplunkTrust
‎06-05-2023 07:59 AM

You are correct those 3 first lines are for third party libraries fixed on splunk versions.

For Splunk Cloud splunk's service promise is:

For Splunk Cloud Platform, Splunk is actively monitoring and patching affected instances.

So when you have the latest SC version all known and available patches / work arounds should be fixed on that version. On site you must keep track of those versions and patch those as soon as Splunk has publish a new version or work around instructions for specific issue.

0 Karma
Reply
Get Updates on the Splunk Community!

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...

Adoption of Infrastructure Monitoring at Splunk

  Splunk's Growth Engineering team showcases one of their first Splunk product adoption-Splunk Infrastructure ...