Third-Party Package Updates in Splunk Universal Forwarder - December 2024
Advisory ID: SVD-2024-1207
CVE ID: CVE-2024-5535
Published: 2024-12-10
Last Update: 2024-12-10
Description
Splunk remedied common vulnerabilities and exposures (CVEs) in third-party packages in Splunk Universal Forwarder versions 9.1.7, 9.2.4, 9.3.2, and higher, including the following:
Package | Remediation | CVE | Severity |
---|---|---|---|
OpenSSL¹ | Upgraded to 1.0.2zk | CVE-2024-5535 | Informational |

¹ The Splunk Universal Forwarder is not affected by CVE-2024-5535. The implementation does not call SSL_select_next_proto and does not use the functionality. However, out of an abundance of caution, Splunk upgraded OpenSSL to 1.0.2zk.
Solution
Upgrade Splunk Universal Forwarder to versions 9.1.7, 9.2.4, 9.3.2, or higher.
Product Status
Product | Version | Component | Affected Version | Fix Version |
---|---|---|---|---|
Splunk Universal Forwarder | 9.3 | | 9.3.0 to 9.3.1 | 9.3.2 |
Splunk Universal Forwarder | 9.2 | | 9.2.0 to 9.2.3 | 9.2.4 |
Splunk Universal Forwarder | 9.1 | | 9.1.0 to 9.1.6 | 9.1.7 |
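
Added example, not part of Splunk's advisory: a Python check that triages a forwarder inventory against the fix versions in the table above and tests whether a bundled OpenSSL banner is at 1.0.2zk or a later 1.0.2 letter release. The inventory rows, hostnames and status labels are constructed for illustration, and treating branches newer than 9.3 as covered by "or higher" is an assumption.

```python
import re

# Fix versions per branch, copied from the Product Status table above.
FIX_VERSION = {(9, 1): (9, 1, 7), (9, 2): (9, 2, 4), (9, 3): (9, 3, 2)}
PATCHED_OPENSSL = "1.0.2zk"  # OpenSSL level named in the advisory


def forwarder_status(version):
    """Classify a forwarder version string such as '9.2.3' against the table."""
    m = re.match(r"\s*(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised forwarder version: {version!r}")
    v = tuple(int(part) for part in m.groups())
    fix = FIX_VERSION.get(v[:2])
    if fix is None:
        # Assumption: branches newer than 9.3 fall under "or higher";
        # older branches are not listed in the advisory.
        return "at or above fix version" if v[:2] > max(FIX_VERSION) else "not listed"
    return "at or above fix version" if v >= fix else "below fix version"


def openssl_key(banner):
    """Sort key for OpenSSL 1.0.2 letter releases: '' < a..z < za..zz."""
    m = re.search(r"\b1\.0\.2([a-z]*)", banner)
    if not m:
        raise ValueError(f"not an OpenSSL 1.0.2 banner: {banner!r}")
    return (len(m.group(1)), m.group(1))


def openssl_patched(banner):
    """True when the bundled OpenSSL is 1.0.2zk or a later 1.0.2 release."""
    return openssl_key(banner) >= openssl_key(PATCHED_OPENSSL)


def triage(rows):
    """Map host -> (forwarder status, OpenSSL at patched level?)."""
    return {h: (forwarder_status(v), openssl_patched(b)) for h, v, b in rows}


# Constructed inventory rows (host, forwarder version, OpenSSL banner);
# hostnames and banners are illustrative, not real release data.
INVENTORY = [
    ("uf-web-01", "9.3.1", "OpenSSL 1.0.2zj-fips  constructed"),
    ("uf-db-02", "9.2.4", "OpenSSL 1.0.2zk-fips  constructed"),
    ("uf-old-03", "9.0.5", "OpenSSL 1.0.2u  constructed"),
]

if __name__ == "__main__":
    for host, result in triage(INVENTORY).items():
        print(host, *result)
```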
Severity
The Splunk Universal Forwarder is not affected by CVE-2024-5535. The implementation does not call SSL_select_next_proto and does not use the functionality. Hence, the severity is informational.