Splunk’s response to OpenSSL’s CVE-2022-3602 and CVE-2022-3786

Advisory ID: SVD-2022-1114

CVE ID: Multiple

Published: 2022-11-01

Last Update: 2022-11-01

Description

OpenSSL released two High vulnerabilities, CVE-2022-3602 and CVE-2022-3786, impacting OpenSSL 3.0 on Nov 1. For more information, see OpenSSL’s advisory. Splunk products and services are not impacted by CVE-2022-3602 or CVE-2022-3786. If OpenSSL 3.0 is present in your environment’s local operating system, we recommend updating per OpenSSL’s advisory.

Solution

NA, Splunk products and services are not impacted by CVE-2022-3602 or CVE-2022-3786.

Product Status

Product	Version	Component	Affected Version	Fix Version
Splunk Enterprise			Not affected
Universal Forwarders			Not affected
Splunk Cloud Platform			Not affected
Splunk Observatibility Platform			Not affected
SOAR Cloud			Not affected
SOAR			Not affected
SOAR Automation Broker			Not affected
Enterprise Security			Not affected
Splunk Security Essentials			Not affected
IT Service Intelligence			Not affected
Splunk UBA			Not affected
Data Stream Processor			Not affected
Splunk Addon for Active Directory			Not affected
Splunk Addon for Add-on for Infrastructure			Not affected
Splunk Addon for Add-on for Microsoft Exchange			Not affected
Splunk Addon for Add-on for VMware			Not affected
Splunk Addon for Amazon Kinesis Firehose			Not affected
Splunk Addon for Amazon Web Services			Not affected
Splunk Addon for Apache Web Server			Not affected
Splunk Addon for Bit9 Carbon Black			Not affected
Splunk Addon for Blue Coat ProxySG			Not affected
Splunk Addon for BMC Remedy			Not affected
Splunk Addon for Box			Not affected
Splunk Addon for Bromium			Not affected
Splunk Addon for Check Point OPSEC LEA			Not affected
Splunk Addon for Cisco ASA			Not affected
Splunk Addon for Cisco ESA			Not affected
Splunk Addon for Cisco FireSIGHT			Not affected
Splunk Addon for Cisco Identity Services			Not affected
Splunk Addon for Cisco UCS			Not affected
Splunk Addon for Citrix NetScaler			Not affected
Splunk Addon for CyberArk			Not affected
Splunk Addon for F5 BIG-IP			Not affected
Splunk Addon for Forcepoint Web Security			Not affected
Splunk Addon for Google Cloud Platform			Not affected
Splunk Addon for HAProxy			Not affected
Splunk Addon for IBM WebSphere Application Server			Not affected
Splunk Addon for Imperva SecureSphere WAF			Not affected
Splunk Addon for Infoblox			Not affected
Splunk Addon for ISC BIND			Not affected
Splunk Addon for ISC DHCP			Not affected
Splunk Addon for Java Management Extensions			Not affected
Splunk Addon for JBoss			Not affected
Splunk Addon for Juniper			Not affected
Splunk Addon for Kafka			Not affected
Splunk Addon for Linux			Not affected
Splunk Addon for McAfee			Not affected
Splunk Addon for McAfee Web Gateway			Not affected
Splunk Addon for Microsoft Cloud Services			Not affected
Splunk Addon for Microsoft Hyper-V			Not affected
Splunk Addon for Microsoft IIS			Not affected
Splunk Addon for Microsoft Office 365			Not affected
Splunk Addon for Microsoft SQL Server			Not affected
Splunk Addon for Microsoft Windows			Not affected
Splunk Addon for MySQL			Not affected
Splunk Addon for Nagios Core			Not affected
Splunk Addon for NGINX			Not affected
Splunk Addon for OPC			Not affected
Splunk Addon for Oracle Database			Not affected
Splunk Addon for OSSEC			Not affected
Splunk Addon for RSA DLP			Not affected
Splunk Addon for RSA SecurID			Not affected
Splunk Addon for Salesforce			Not affected
Splunk Addon for ServiceNow			Not affected
Splunk Addon for Sophos			Not affected
Splunk Addon for Squid Proxy			Not affected
Splunk Addon for Stream Addon for Wire Data			Not affected
Splunk Addon for Symantec DLP			Not affected
Splunk Addon for Symantec Endpoint Protection			Not affected
Splunk Addon for Tomcat			Not affected
Splunk Addon for Unix and Linux			Not affected
Splunk Addon for Websense DLP			Not affected
Splunk Addon for Zeek			Not affected
Splunk App for AWS			Not affected
Splunk App for Common Information Model (CIM)			Not affected
Splunk App for DB Connect			Not affected
Splunk App for DB Connect - Older Unsupported versions			Not affected
Splunk App for Info Sec			Not affected
Splunk App for InfoSec App for Splunk			Not affected
Splunk App for Infrastructure			Not affected
Splunk App for IT Essentials Learn			Not affected
Splunk App for IT Essentials Work			Not affected
Splunk App for Machine Learning Toolkit (MLTK) and Python for Scientific Computing (PSC)			Not affected
Splunk App for Microsoft Exchange			Not affected
Splunk App for NetApp Data ONTAP			Not affected
Splunk App for PCI Compliance			Not affected
Splunk App for Security Essentials			Not affected
Splunk App for Splunk Product Guidance			Not affected
Splunk App for Stream			Not affected
Splunk App for Unix and Linux			Not affected
Splunk App for VMware			Not affected
Splunk App for Windows			Not affected
Splunk App for Windows Infrastructure			Not affected
Splunk Add-on Builder			Not affected
Splunk AppInspect			Not affected
Splunk SDKs			Not affected
Splunk Logging Library for Java			Not affected
Security Analytics for AWS			Not affected
Splunk Add-on for VMware Metrics			Not affected
Splunk App for Content Packs			Not affected
Splunk App for Infrastructure (SAI)			Not affected
Splunk App for Mint			Not affected
Splunk Application Performance Monitoring			Not affected
Splunk Assist			Not affected
Splunk Augmented Reality			Not affected
Splunk Cloud Data Manager (SCDM)			Not affected
Splunk Cloud Developer Edition			Not affected
Splunk Connect for Kafka			Not affected
Splunk Connect for Kubernetes			Not affected
Splunk Connect for Kubernetes-OpenTelemetry			Not affected
Splunk Connect for SNMP			Not affected
Splunk Connect for Syslog			Not affected
Splunk DB TA LAR			Not affected
Splunk Edge Hub			Not affected
Splunk Enterprise Amazon Machine Image (AMI)			Not affected
Splunk Enterprise Docker Container			Not affected
Splunk Infrastructure Monitoring			Not affected
Splunk Log Observer			Not affected
Splunk Mint Android SDK			Not affected
Splunk Mint IOS SDK			Not affected
Splunk Mint Management console			Not affected
Splunk Mobile			Not affected
Splunk Network Performance Monitoring			Not affected
Splunk On-Call/Victor Ops/SSA			Not affected
Splunk OVA for VMware			Not affected
Splunk OVA for VMWare Metrics			Not affected
Splunk Profiling			Not affected
Splunk Real User Monitoring			Not affected
Splunk Secure Gateway			Not affected
Behavioral Analytics			Not affected
Splunk Stream Forwarder			Not affected
Splunk Synthetics			Not affected
Splunk TV			Not affected
Splunk UBA OVA Software			Not affected
Splunk VMWare OVA for ITSI			Not affected

If a Splunk Supported product or service is not listed above, the product or service is not affected by CVE-2022-3602 or CVE-2022-3786.

Mitigations and Workarounds

None

Detection

None

Severity

High