Third Party Package Updates in IT Service Intelligence (ITSI)

Advisory ID: SVD-2023-0811

CVE ID: Multiple

Published: 2023-08-30

Last Update: 2023-08-30

Description

Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk IT Service Intelligence (ITSI), including the following:

PackageRemediationCVESeverity
guavaUpgraded to 32.0.0CVE-2023-2976High

Solution

For Splunk IT Service Intelligence (ITSI), upgrade versions to 4.13.3 or 4.15.3

Product Status

ProductBase VersionAffected VersionFix Version
Splunk ITSI4.154.15.0 to 4.15.24.15.3
Splunk ITSI4.134.13.0 to 4.13.24.13.3

Severity

For the CVEs in this list, Splunk adopted the national vulnerability database (NVD) common vulnerability scoring system (CVSS) rating to align with industry standards.