Splunk Enterprise Receives Quarterly Security Updates


This week, Splunk disclosed the availability of a fresh batch of quarterly patches to fix various Splunk Enterprise security flaws. According to its severity rating, the high-severity TLS certificate validation problem in the Ingest Actions user interface is the most significant of the bugs.

The TLS certificate validation is not correctly carried out and tested for the destination when using Ingest Actions to configure a destination that is located on Amazon Simple Storage Service (S3), according to Splunk’s advisory. The security flaw, identified as CVE-2022-37437, only affects connections made through Splunk Web between Splunk Enterprise and Ingest Actions Destination.

The only affected environments have TLS certificate validation set up. Destinations set up directly in the outputs.conf configuration file, according to Splunk, are unaffected. Versions of Splunk Enterprise prior to 9.0.0 are unaffected.

Read More: Quarterly Security Patches Released for Splunk Enterprise

For more such updates follow us on Google News ITsecuritywire News