Update 20141015 – Splunk’s official advisory has been released.
Update 20141016 – Changed from a specific TLS1.2 cipher to the generic “TLSv1.2” suite. Hat tip to @techxicologist.
If you’ve not seen that SSLv3 is irreparably broken, go read about it, then grab a strong drink and come back.
Splunk (as of release 6.1) does not give you many controls for enabling / disabling SSL protocols. You have the supportSSLV3Only option in various config files (web.conf, server.conf, etc.), but after the first sentence of this post you know you don’t want that set to “true”. There isn’t a matching “supportTLSOnly” option, so you are somewhat limited in your mitigation choices. For now, the best choice I see is using the cipherSuite option to force negotiation with only TLS 1.x ciphers.
Short story, drop this into your relevant .conf files:
supportSSLV3only = false
cipherSuite = TLSv1.2
By forcing Splunk to only use TLS 1.2 ciphers, we in effect disable SSLv3. Unfortunately, we also disable TLS v1.0 and TLS v1.1. This will severely limit your browser support for accessing Splunk. If your browser is not the latest TLS v1.2-supporting new hotness, you’ll have no luck.
This same cipherSuite setting should work for Splunk-to-Splunk (data forwarding) and inter-Splunk (Deployment Server, Distributed Search, Clustering, etc.) connections, as long as you are on Splunk 6.0 or later. (I don’t think OpenSSL in Splunk 5.0 and below supported TLS 1.2 – if I’m wrong here let me know.) But please note there hasn’t been much time for exhaustive testing here…
My analysis (and I’m no security professional, so take this with a grain of salt) is that browser access to Splunkweb is the most at risk here, because of things like the HTTP session cookies. For other Splunk uses of SSL, like Splunk-to-Splunk and inter-Splunk, the data streams are different and are typically all inside the data center, which makes the necessary MITM much harder.
Keep a careful eye on the Splunk Blogs site and the Splunk Product Security Portal for any official news from Splunk themselves regarding this. Hopefully they will have best practices, patches, or perhaps both in upcoming days.
Just to be entirely clear, this is not official Splunk advice. I don’t work for Splunk, and neither of us speaks for the other. This may not work for you, but if it does (or does not!) let us know.
You can get back TLS 1.x with
cipherSuite = TLSv1.2:TLSv1
or
cipherSuite = ALL:!SSLv3:!SSLv2:!eNULL:!aNULL
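The post’s trick works because cipherSuite restricts cipher suites, not protocol versions: if every selected suite has TLS 1.2 as its minimum version, an SSLv3 (or TLS 1.0/1.1) ClientHello has nothing in common with the server and the handshake fails. The check below, which is an added example and not code from the post, its commenters, or Splunk, asks OpenSSL to parse each cipherSuite string from the post and the comment above and reports the minimum protocol version of every suite it selects. It uses the OpenSSL linked into Python’s ssl module, so it is only indicative: Splunk ships its own OpenSSL build, and aliases like SSLv3 and TLSv1 have not meant the same thing in every OpenSSL release, so the authoritative test is still a handshake against the Splunk port itself.

```python
"""Which cipher suites, and therefore which protocol floors, does an OpenSSL
cipher string such as Splunk's cipherSuite value actually select?

Added example, not Splunk's code. It relies on the OpenSSL behind this
Python's ssl module, which may resolve aliases differently from the
OpenSSL bundled with Splunk.
"""
import ssl
from collections import Counter

# cipherSuite values from the post and its comments, plus OpenSSL's
# DEFAULT for contrast (these labels are ours, not Splunk's).
CANDIDATES = {
    "post":      "TLSv1.2",
    "comment-a": "TLSv1.2:TLSv1",
    "comment-b": "ALL:!SSLv3:!SSLv2:!eNULL:!aNULL",
    "openssl":   "DEFAULT",
}


def ciphers_for(cipher_string):
    """Return [(name, protocol_floor)] for every TLS<=1.2 suite the string selects.

    protocol_floor is OpenSSL's minimum protocol version for the suite
    ("SSLv3", "TLSv1"/"TLSv1.0" or "TLSv1.2"). A string that selects no
    suite makes set_ciphers() raise SSLError; that is reported as [].
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    try:
        ctx.set_ciphers(cipher_string)
    except ssl.SSLError:
        return []
    # TLS 1.3 suites are configured separately (set_ciphersuites) and are
    # always present in get_ciphers(), so they say nothing about the
    # cipher string under test; drop them.
    return [(c["name"], c["protocol"]) for c in ctx.get_ciphers()
            if c["protocol"] != "TLSv1.3"]


def protocol_floors(cipher_string):
    """Count the selected suites by minimum protocol, e.g. {"TLSv1.2": 20, "SSLv3": 4}."""
    return dict(Counter(proto for _, proto in ciphers_for(cipher_string)))


def allows_pre_tls12(cipher_string):
    """True if any selected suite can be negotiated below TLS 1.2.

    When this is False, an SSLv3 or TLS 1.0/1.1 ClientHello shares no suite
    with the server, which is exactly the effect the post relies on.
    """
    return any(proto != "TLSv1.2" for _, proto in ciphers_for(cipher_string))


if __name__ == "__main__":
    for label, value in CANDIDATES.items():
        floors = protocol_floors(value)
        print(f"{label:10} cipherSuite = {value}")
        print(f"{'':10} suites by minimum protocol: "
              f"{floors or 'NONE (string selects no suite; Splunk would fail to start TLS)'}")
        print(f"{'':10} negotiable below TLS 1.2: {allows_pre_tls12(value)}")
```

Run it as a script to see the per-string breakdown. The useful signal is the last line for each string: the post’s "TLSv1.2" should report no suite negotiable below TLS 1.2, while the comment’s "TLSv1.2:TLSv1" should report that it does, which is the browser-compatibility trade-off the post describes. An empty result means the string matched nothing, which is worth catching before it reaches a .conf file.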
Awesome writeup, Duane! Once everything (browsers and Splunk) understands it, the easy fix will be the pseudo-cipher “TLS Fallback SCSV” (https://tools.ietf.org/html/draft-bmoeller-tls-downgrade-scsv-01), which effectively prevents the downgrade attack. OpenSSL was already upgraded to support this in 1.0.1j and I expect the browsers will quickly follow suit. I expect Splunk will as well.