Third-Party Package Updates in Splunk Universal Forwarder - March 2024
Advisory ID: SVD-2024-0304
CVE ID: Multiple
Published: 2024-03-27
Last Update: 2024-03-27
Description
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk Universal Forwarder versions 9.2.1, 9.1.4, 9.0.9 and higher, including the following:
| Package | Remediation | CVE | Severity |
|---|---|---|---|
| Openssl | Upgraded to 1.0.2zj | CVE-2024-0727, CVE-2023-5678 | Low |
| curl1 | Upgraded from 8.0.1 to 8.5.0 | multiple | Informational |
1 The Splunk Universal Forwarder is not affected by the CVEs listed by curl applicable to versions 8.0.1 through 8.4.0. However, out of an abundance of caution, Splunk upgraded it.
Solution
Upgrade Splunk Universal Forwarder to versions 9.2.1, 9.1.4, and 9.0.9, or higher.
Product Status
| Product | Version | Component | Affected Version | Fix Version |
|---|---|---|---|---|
| Splunk Universal Forwarder | 9.2 | 9.2.0 to 9.2.0.1 | 9.2.1 | |
| Splunk Universal Forwarder | 9.1 | 9.1.0 to 9.1.3 | 9.1.4 | |
| Splunk Universal Forwarder | 9.0 | 9.0.0 to 9.0.8 | 9.0.9 |
Severity
For the CVEs in this list, Splunk adopted the vendor’s severity rating, where applicable.