OpenSSL vulnerabilities including SWEET32 addressed by version upgrade to 1.0.1u and 1.0.2j (SPL-129207)
Description: Splunk Enterprise versions 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, 6.4.x before 6.3.5, 6.5.0 and Splunk Light versions before 6.5.0 are affected by multiple vulnerabilities in OpenSSL, including SWEET32 (1, 2 (SWEET32), 3, 4, 5, 6, 7, 8, 9, 10, 11). OpenSSL has been upgraded to 1.0.1u or 1.0.2j, as appropriate, to address the vulnerabilities.
Notes: Splunk Enterprise 5.0.x will not be patched for OpenSSL issues. Splunk recommends updating to the latest version of Splunk Enterprise.
To address the OpenSSL SWEET32 vulnerability, in addition to the version update, the SSL cipherSuite setting in the inputs.conf file should be updated to remove medium-strength ciphers (:Medium:).
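One way to audit for the cipherSuite change described above, as an added example that is not part of the Splunk advisory: it scans inputs.conf text for cipherSuite values that still enable medium-strength ciphers and proposes the value with those tokens removed. The sample file contents and the function names are constructed for illustration, and matching the keyword case-insensitively is an assumption made to cover the advisory's ":Medium:" spelling.

```python
import re

# Constructed sample inputs.conf; not taken from the advisory or a real deployment.
SAMPLE_INPUTS_CONF = """\
[splunktcp-ssl:9997]
disabled = 0

[SSL]
serverCert = $SPLUNK_HOME/etc/auth/server.pem
# legacy value carried over from an older deployment
cipherSuite = HIGH:MEDIUM:!aNULL:!MD5
"""

def enables_medium(token):
    """True if one cipher-string token adds medium-strength ciphers."""
    token = token.strip()
    # '!' and '-' remove ciphers, '+' only reorders them: none of these add any.
    if not token or token[0] in "!-+":
        return False
    # 'kRSA+MEDIUM' is an AND of two keywords and still selects medium ciphers.
    return any(part.upper() == "MEDIUM" for part in token.split("+"))

def strip_medium(cipher_suite):
    """Return the cipher string with every MEDIUM-enabling token removed."""
    tokens = [t.strip() for t in cipher_suite.split(":") if t.strip()]
    return ":".join(t for t in tokens if not enables_medium(t))

def audit(conf_text):
    """Return [(stanza, current value, suggested value)] for risky settings."""
    findings, stanza = [], "(global)"
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        header = re.fullmatch(r"\[(.*)\]", line)
        if header:
            stanza = header.group(1)
            continue
        key, sep, value = line.partition("=")
        if sep and key.strip() == "cipherSuite":
            value = value.strip()
            if any(enables_medium(t) for t in value.split(":")):
                findings.append((stanza, value, strip_medium(value)))
    return findings

if __name__ == "__main__":
    for stanza, current, fixed in audit(SAMPLE_INPUTS_CONF):
        print(f"[{stanza}] cipherSuite = {current}  ->  {fixed}")
```

The check only looks at explicit MEDIUM tokens; broader keywords such as ALL are not expanded, so review the resulting cipher list after changing the setting.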