Third-Party Package Updates in Splunk Universal Forwarder - December 2024
Advisory ID: SVD-2024-1207
CVE ID: CVE-2024-5535
Published: 2024-12-10
Last Update: 2024-12-10
Description
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk Universal Forwarder versions 9.1.7, 9.2.4, and 9.3.2, and higher, including the following:
| Package | Remediation | CVE | Severity |
|---|---|---|---|
| OpenSSL | Upgraded to 1.0.2zk | CVE-2024-5535 | Informational |
Solution
Upgrade Splunk Universal Forwarder to versions 9.1.7, 9.2.4, 9.3.2, or higher.
Product Status
| Product | Version | Component | Affected Version | Fix Version |
|---|---|---|---|---|
| Splunk Universal Forwarder | 9.3 | 9.3.0 to 9.3.1 | 9.3.2 | |
| Splunk Universal Forwarder | 9.2 | 9.2.0 to 9.2.3 | 9.2.4 | |
| Splunk Universal Forwarder | 9.1 | 9.1.0 to 9.1.6 | 9.1.7 |
Severity
The Splunk Universal Forwarder is not affected by CVE-2024-5535. The implementation does not call SSL_select_next_proto and does not use the functionality. Hence, the severity is informational.