Third-Party Package Updates in Splunk Enterprise - March 2024
Advisory ID: SVD-2024-0303
CVE ID: Multiple
Published: 2024-03-27
Last Update: 2024-03-27
Description
Splunk remedied common vulnerabilities and exposures (CVEs) in third-party packages in Splunk Enterprise versions 9.2.1, 9.1.4, 9.0.9 and higher, including the following:
Package | Remediation | CVE | Severity |
---|---|---|---|
OpenSSL | Upgraded to 1.0.2zj | CVE-2024-0727, CVE-2023-5678 | Low |
net, go [1] | Upgraded to 0.2.0 | CVE-2023-39325 | High |
go [2] | Upgraded from 1.20.10 to 1.21.5 | multiple | See vendor |
hive-exec | Upgraded from 3.1.3 to 4.0.0-beta-1 | multiple | See vendor |
curl [3] | Upgraded from 8.0.1 to 8.5.0 | multiple | See vendor |
pywin32 | Upgraded to b306 | CVE-2021-32559 | Medium |
jackson-databind [4] | Upgraded from 2.9.10 to 2.13.5 | multiple | See vendor |
[1] Upgraded in Splunk Assist
[2] Upgraded in Splunk Assist
[3] Splunk Enterprise is not affected by CVE-2023-38545
[4] Removed jackson-databind-2.9.10 nested within $SPLUNK_HOME/bin/jars/thirdparty/common/parquet-hive-bundle-1.11.2.jar and added jackson-databind-2.13.5 under $SPLUNK_HOME/bin/jars/common
Solution
Upgrade Splunk Enterprise to versions 9.2.1, 9.1.4, and 9.0.9, or higher.
Product Status
Product | Version | Component | Affected Version | Fix Version |
---|---|---|---|---|
Splunk Enterprise | 9.2 | | 9.2.0 to 9.2.0.1 | 9.2.1 |
Splunk Enterprise | 9.1 | | 9.1.0 to 9.1.3 | 9.1.4 |
Splunk Enterprise | 9.0 | | 9.0.0 to 9.0.8 | 9.0.9 |
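A defender-side verification script (added example, not Splunk's own tooling): it decides from the Product Status table above whether a reported Splunk Enterprise version still falls in an affected range, and it locates jackson-databind copies under $SPLUNK_HOME/bin/jars, including a copy bundled inside the parquet-hive-bundle jar named in footnote 4. Reading the bundled copy's version from a Maven pom.properties entry inside that jar is an assumption about how the nested copy is packaged.

```python
"""Post-upgrade check for SVD-2024-0303 (added example, not Splunk tooling).
Affected ranges come from the advisory's Product Status table, jar locations
from footnote 4; reading pom.properties inside a bundle jar is an assumption."""
import os
import re
import zipfile

# (lowest affected, highest affected, fix version), inclusive, per the advisory.
AFFECTED = [((9, 2, 0), (9, 2, 0, 1), "9.2.1"),
            ((9, 1, 0), (9, 1, 3), "9.1.4"),
            ((9, 0, 0), (9, 0, 8), "9.0.9")]
JAR_NAME = re.compile(r"jackson-databind-(\d+(?:\.\d+)*)\.jar$")
POM = "META-INF/maven/com.fasterxml.jackson.core/jackson-databind/pom.properties"

def parse_version(text):
    """'9.2.0.1' -> (9, 2, 0, 1); text after the numeric part is ignored."""
    m = re.match(r"\s*(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(p) for p in m.group(1).split("."))

def needed_fix(version_text):
    """Fix version if this build is in an affected range (tuple compare: 9.2.0.1 < 9.2.1)."""
    v = parse_version(version_text)
    return next((fix for lo, hi, fix in AFFECTED if lo <= v <= hi), None)

def jackson_databind_copies(splunk_home):
    """(location, version) for each jackson-databind under bin/jars: standalone
    jars by file name, copies bundled inside other jars via Maven pom.properties."""
    found = []
    for dirpath, _, files in os.walk(os.path.join(splunk_home, "bin", "jars")):
        for name in files:
            path = os.path.join(dirpath, name)
            m = JAR_NAME.search(name)
            if m:
                found.append((path, m.group(1)))
            elif name.endswith(".jar") and zipfile.is_zipfile(path):
                with zipfile.ZipFile(path) as jar:
                    if POM in jar.namelist():
                        props = jar.read(POM).decode("utf-8", "replace")
                        v = re.search(r"^version=(\S+)", props, re.M)
                        if v:
                            found.append((f"{path}!{POM}", v.group(1)))
    return found

def stale_copies(splunk_home, fixed="2.13.5"):
    """Copies older than the jackson-databind version the advisory says was added."""
    return [(p, v) for p, v in jackson_databind_copies(splunk_home)
            if parse_version(v) < parse_version(fixed)]
```

Run `stale_copies(os.environ["SPLUNK_HOME"])` after the upgrade; an empty list means no copy older than 2.13.5 remains under bin/jars.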
Severity
For the CVEs in this list, Splunk adopted the vendor's severity rating when available, and otherwise the National Vulnerability Database (NVD) Common Vulnerability Scoring System (CVSS) rating.