November 2023 Splunk Universal Forwarder Third-Party Updates

Advisory ID: SVD-2023-1107

CVE ID: Multiple

Published: 2023-11-16

Last Update: 2023-12-18

Description

Splunk remedied common vulnerabilities and exposures (CVEs) in third-party packages in Splunk Universal Forwarder, including the following:

| Package | Remediation | CVE | Severity |
|---|---|---|---|
| openssl | Upgraded to 1.0.2zi | CVE-2023-3817 | Low |
| openssl | Upgraded to 1.0.2zi | CVE-2023-3446 | Low |

Solution

For Splunk Universal Forwarder, upgrade to version 9.0.7 or 9.1.2.

Product Status

| Product | Base Version | Affected Version | Fix Version |
|---|---|---|---|
| Splunk Universal Forwarder | 9.0 | 9.0.0 to 9.0.6 | 9.0.7 |
| Splunk Universal Forwarder | 9.1 | 9.1.0 to 9.1.1 | 9.1.2 |

Severity

For the CVEs in this list, Splunk adopted the vendor’s severity.

Changelog

  • 2023-12-18: Removed Python (CVE-2023-24329) and bottle (CVE-2022-31799), as neither is included in the Splunk Universal Forwarder product

  • 2023-11-20: Corrected the product in the Product Status table from Splunk Enterprise to Splunk Universal Forwarder