November 2023 Splunk Universal Forwarder Third-Party Updates
Advisory ID: SVD-2023-1107
CVE ID: Multiple
Published: 2023-11-16
Last Update: 2023-12-18
Description
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk Universal Forwarder, including the following:
| Package | Remediation | CVE | Severity |
|---|---|---|---|
| openssl | Upgraded to 1.0.2zi | CVE-2023-3817 | Low |
| openssl | Upgraded to 1.0.2zi | CVE-2023-3446 | Low |
Solution
For Splunk Universal Forwarder, upgrade versions to 9.0.7 or 9.1.2.
Product Status
| Product | Base Version | Affected Version | Fix Version |
|---|---|---|---|
| Splunk Universal Forwarder | 9.0 | 9.0.0 to 9.0.6 | 9.0.7 |
| Splunk Universal Forwarder | 9.1 | 9.1.0 to 9.1.1 | 9.1.2 |
Severity
For the CVEs in this list, Splunk adopted the vendor’s severity.
Changelog
2023-12-18: Removed Python (CVE-2023-24329) and bottle (CVE-2022-31799) as neither are included in the Splunk Universal Forwarder product
2023-11-20: Corrected the product in the Product Status table from Splunk Enterprise to Splunk Universal Forwarder