Dear Splunk users,
We’re expecting this to be our final blog post about how we’re handling the Heartbleed OpenSSL vulnerability (CVE-2014-0160). For background, here are the previous installments from us:
What’s been done, products and services
We’ve updated and secured our products and services as follows:
- Splunk Enterprise: We delivered a fixed version of our Splunk Enterprise software, as well as patches for the currently shipping versions. Refer to this post for the links: http://blogs.splunk.com/2014/04/10/fix-now-available-splunk-and-the-heartbleed-vulnerability/
- Splunk Cloud offerings: As stated in http://blogs.splunk.com/2014/04/09/splunk-and-the-heartbleed-ssl-vulnerability/, our Splunk Storm and Splunk Cloud services were both secured last week.
- Bugsense (a Splunk company): We have secured the Bugsense service as described in this blog post: http://blog.bugsense.com/post/82717545967/bugsenses-actions-to-address-the-heartbleed-issue
- Cloudmeter (a Splunk company): The Cloudmeter Web Management Console was affected. We have since fixed the OpenSSL issue. Cloudmeter customers should contact their support representative to obtain the latest version.
What’s been done, online properties and 3rd-party vendors
We’ve reviewed and secured our major online properties by rekeying and obtaining new certificates. In addition, we have verified with our major vendors that they are no longer vulnerable to Heartbleed. Where a vendor had been vulnerable, we have taken their recommended remediation actions.
It’s important to note that Heartbleed is a client-side bug as well as a server-side one. We’re encouraging you to check your client systems for non-Splunk software that may use OpenSSL and update it as needed.
As a precaution, we’re also recommending that all our customers change their password using this link: https://www.splunk.com/page/update_my_account
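For the client-system check recommended above, here is an added example (not Splunk code) that classifies `openssl version` banners collected from an inventory against the upstream releases affected by CVE-2014-0160. The function names, hostnames and sample banners are assumptions constructed for illustration.

```python
import re

# Upstream releases affected by CVE-2014-0160: OpenSSL 1.0.1 through 1.0.1f,
# and 1.0.2-beta / 1.0.2-beta1. Fixed upstream in 1.0.1g and 1.0.2-beta2.
_BANNER = re.compile(
    r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]*)(?:-(beta\d*))?", re.IGNORECASE)


def heartbleed_status(banner):
    """Classify an `openssl version` banner by upstream version number only.

    Returns 'affected-range', 'not-affected' or 'unknown'. Distributions
    often backport the fix without changing the upstream letter, so
    'affected-range' means "confirm the package patch level", not "exploitable".
    """
    m = _BANNER.search(banner)
    if not m:
        return "unknown"              # not an OpenSSL banner we can parse
    base = tuple(int(m.group(i)) for i in (1, 2, 3))
    letter = m.group(4).lower()
    beta = (m.group(5) or "").lower()
    if base == (1, 0, 1):
        if beta:
            return "unknown"          # 1.0.1 pre-releases: review by hand
        # "" (plain 1.0.1) and letters a..f fall inside the affected range
        in_range = len(letter) <= 1 and letter <= "f"
        return "affected-range" if in_range else "not-affected"
    if base == (1, 0, 2) and beta in ("beta", "beta1"):
        return "affected-range"
    return "not-affected"


def hosts_to_review(inventory):
    """Return sorted hosts whose banner is in the affected range or unparseable."""
    return sorted(host for host, banner in inventory.items()
                  if heartbleed_status(banner) != "not-affected")


# Constructed sample inventory (hostnames and banners are made up).
SAMPLE = {
    "build-01": "OpenSSL 1.0.1e-fips 11 Feb 2013",
    "laptop-17": "OpenSSL 0.9.8y 5 Feb 2013",
    "proxy-02": "OpenSSL 1.0.1g 7 Apr 2014",
    "lab-03": "OpenSSL 1.0.2-beta1 24 Feb 2014",
    "legacy-09": "unrecognized output",
}

if __name__ == "__main__":
    for host in hosts_to_review(SAMPLE):
        print(host, heartbleed_status(SAMPLE[host]))
```

Software that bundles or statically links its own OpenSSL copy will not show up in the system `openssl version` output and has to be checked against its vendor's advisory.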