EIQ-2018-0007
ID |
EIQ-2018-0007 (Former ref.: 1801-08) |
CVE |
- |
Description |
Secure connection verification is always on with some plug-ins |
Date |
- |
Severity |
1 - LOW |
CVSSv3 score |
CVSSv3 score not available on NIST NVD. |
Status |
2.3.1 (partially) 2.3.4 (completely) |
Assessment |
The platform extensions Splunk and Pan-OS were not verifying HTTPs certificates when communicating with security controls. A fix for Splunk was released with EclecticIQ Platform 2.3.1. |
Mitigation |
- |
Affected versions |
Platform instances using the Splunk sightings enricher before EclecticIQ Platform 2.3.1. Platform instances using PanOS instrumentation before EclecticIQ Platform 2.3.4. |
Notes |
The connection between security controls and TIP is the under control of the user, the probability of a system being affected is low. An adversary would need access to the local network to exploit this successfully. |