Open security vulnerabilities on the latest Splunk image

altafrattani
New Member

There are several vulnerabilities, some almost 5 years old, that are still present in the latest Splunk Kubernetes image version. Do we have an ETA on when these will get resolved?

Here is the list:

CVE-2018-1000654
CVE-2018-1000879
CVE-2018-1000880
CVE-2018-1121
CVE-2018-19211
CVE-2018-19211
CVE-2018-20657
CVE-2018-20657
CVE-2018-20657
CVE-2018-20786
CVE-2018-20839
CVE-2019-12900
CVE-2019-14250
CVE-2019-14250
CVE-2019-14250
CVE-2019-17543
CVE-2019-19244
CVE-2019-8905
CVE-2019-8906
CVE-2019-9674
CVE-2019-9674
CVE-2019-9923
CVE-2019-9936
CVE-2019-9937
CVE-2020-17049
CVE-2020-17049
CVE-2020-21674
CVE-2021-20193
CVE-2021-24032
CVE-2021-31879
CVE-2021-35937
CVE-2021-35937
CVE-2021-35938
CVE-2021-35938
CVE-2021-35939
CVE-2021-35939
CVE-2021-3927
CVE-2021-39537
CVE-2021-39537
CVE-2021-3974
CVE-2021-3997
CVE-2021-4166
CVE-2021-4209
CVE-2021-43618
CVE-2022-0351
CVE-2022-1619
CVE-2022-1720
CVE-2022-2124
CVE-2022-2125
CVE-2022-2126
CVE-2022-2129
CVE-2022-2175
CVE-2022-2182
CVE-2022-2183
CVE-2022-2206
CVE-2022-2207
CVE-2022-2208
CVE-2022-2210
CVE-2022-2284
CVE-2022-2285
CVE-2022-2286
CVE-2022-2287
CVE-2022-2309
CVE-2022-2343
CVE-2022-2344
CVE-2022-2345
CVE-2022-23491
CVE-2022-23990
CVE-2022-2522
CVE-2022-27943
CVE-2022-27943
CVE-2022-27943
CVE-2022-2819
CVE-2022-2845
CVE-2022-2849
CVE-2022-2923
CVE-2022-2946
CVE-2022-2980
CVE-2022-3037
CVE-2022-3153
CVE-2022-3219
CVE-2022-3234
CVE-2022-3235
CVE-2022-3256
CVE-2022-3296
CVE-2022-3352
CVE-2022-3705
CVE-2022-40023
CVE-2022-40897
CVE-2022-40897
CVE-2022-40897
CVE-2022-40899
CVE-2022-4292
CVE-2022-4293
CVE-2022-4899
CVE-2023-0049
CVE-2023-0054
CVE-2023-0288
CVE-2023-0433
CVE-2023-0464
CVE-2023-0464
CVE-2023-0465
CVE-2023-0465
CVE-2023-0466
CVE-2023-0466
CVE-2023-0512
CVE-2023-1127
CVE-2023-1170
CVE-2023-1175
CVE-2023-1264
CVE-2023-24056
CVE-2023-24056
CVE-2023-24056
CVE-2023-24056
CVE-2023-27534
CVE-2023-27534
CVE-2023-27536
CVE-2023-27536
CVE-2023-28484
CVE-2023-28486
CVE-2023-28487
CVE-2023-29469

isoutamo
SplunkTrust
Hi
If I have understood right, you could/should define the Splunk version used in the configuration when you are building this up? See: https://splunk.github.io/splunk-operator/SplunkOperatorUpgrade.html
Under "Configuring Operator to watch specific namespace" there is an example where the Splunk Enterprise version is defined.
r. Ismo

jrandol
New Member

Hi @isoutamo and others,

Here is some additional information about the vulnerabilities posted above. We are utilizing docker-splunk for our Docker HTTP Event Collector, so that we can send logs from our Kubernetes clusters to Splunk. Within that Docker image, we are pulling in [1] 8.2.5 or [2] 9.0.5. We use Twistlock to report vulnerabilities from our image, and all of those vulnerabilities are being pulled from the docker-splunk image tags mentioned below.

We were wondering: is there a process for Splunk to fix the vulnerabilities that were mentioned? If there is a process, can you take us through how that process works?

Thanks and we look forward to talking with you.

 

[1] https://github.com/splunk/docker-splunk/tree/8.2.5

[2] https://github.com/splunk/docker-splunk/tree/9.0.5

 
