===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2023.3143
   SVD-2023-0613: June Third Party Package Updates in Splunk Enterprise
                                2 June 2023

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Splunk Enterprise
Publisher:         Splunk
Operating System:  Windows
                   UNIX variants (UNIX, Linux, OSX)
Resolution:        Patch/Upgrade

Original Bulletin:
   https://advisory.splunk.com//advisories/SVD-2023-0613

Comment: CVSS (Max):  9.8* CVE-2022-42915 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: NVD
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
         * Not all CVSS available when published

--------------------------BEGIN INCLUDED TEXT--------------------

June Third Party Package Updates in Splunk Enterprise

Advisory ID: SVD-2023-0613
CVE ID:      Multiple
Published:   2023-06-01
Last Update: 2023-06-01

Description

Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party
Packages in versions 8.1.14, 8.2.11, and 9.0.5 of Splunk Enterprise,
including the following:

CVE             Package               Remediation            Severity
CVE-2022-40303  libxml2               Patched                High
CVE-2022-40304  libxml2               Patched                High
CVE-2023-0286   OpenSSL 1.0.2         Upgraded to 1.0.2zg    High
CVE-2023-0215   OpenSSL 1.0.2         Upgraded to 1.0.2zg    High
CVE-2022-4304   OpenSSL 1.0.2         Upgraded to 1.0.2zg    Medium
CVE-2023-27538  curl                  Upgraded to 8.0.1      Medium
CVE-2023-27537  curl                  Upgraded to 8.0.1      Medium
CVE-2023-27536  curl                  Upgraded to 8.0.1      Critical
CVE-2023-27535  curl                  Upgraded to 8.0.1      High
CVE-2023-27534  curl                  Upgraded to 8.0.1      High
CVE-2023-27533  curl                  Upgraded to 8.0.1      High
CVE-2023-23916  curl                  Upgraded to 8.0.1      Medium
CVE-2023-23915  curl                  Upgraded to 8.0.1      Medium
CVE-2023-23914  curl                  Upgraded to 8.0.1      Critical
CVE-2022-43552  curl                  Upgraded to 8.0.1      Medium
CVE-2022-43551  curl                  Upgraded to 8.0.1      High
CVE-2022-42916  curl                  Upgraded to 8.0.1      High
CVE-2022-42915  curl                  Upgraded to 8.0.1      Critical
CVE-2022-35260  curl                  Upgraded to 8.0.1      Medium
CVE-2022-32221  curl                  Upgraded to 8.0.1      Critical
CVE-2022-35252  curl                  Upgraded to 8.0.1      Low
CVE-2022-32208  curl                  Upgraded to 8.0.1      Medium
CVE-2022-32207  curl                  Upgraded to 8.0.1      Critical
CVE-2022-32206  curl                  Upgraded to 8.0.1      Medium
CVE-2022-32205  curl                  Upgraded to 8.0.1      Medium
CVE-2022-30115  curl                  Upgraded to 8.0.1      Medium
CVE-2022-27782  curl                  Upgraded to 8.0.1      High
CVE-2022-27781  curl                  Upgraded to 8.0.1      High
CVE-2022-27780  curl                  Upgraded to 8.0.1      High
CVE-2022-27779  curl                  Upgraded to 8.0.1      Medium
CVE-2022-27778  curl                  Upgraded to 8.0.1      High
CVE-2022-27776  curl                  Upgraded to 8.0.1      Medium
CVE-2022-27775  curl                  Upgraded to 8.0.1      High
CVE-2022-27774  curl                  Upgraded to 8.0.1      Medium
CVE-2022-22576  curl                  Upgraded to 8.0.1      High
CVE-2021-22947  curl                  Upgraded to 8.0.1      Medium
CVE-2021-22946  curl                  Upgraded to 8.0.1      High
CVE-2021-22945  curl                  Upgraded to 8.0.1      Critical
CVE-2021-22926  curl                  Upgraded to 8.0.1      High
CVE-2021-22925  curl                  Upgraded to 8.0.1      Medium
CVE-2021-22924  curl                  Upgraded to 8.0.1      Low
CVE-2021-22923  curl                  Upgraded to 8.0.1      Medium
CVE-2021-22922  curl                  Upgraded to 8.0.1      Medium
CVE-2021-22901  curl                  Upgraded to 8.0.1      High
CVE-2021-22898  curl                  Upgraded to 8.0.1      Low
CVE-2021-22897  curl                  Upgraded to 8.0.1      Medium
CVE-2021-22890  curl                  Upgraded to 8.0.1      Low
CVE-2021-22876  curl                  Upgraded to 8.0.1      Medium
CVE-2020-8286   curl                  Upgraded to 8.0.1      High
CVE-2020-8285   curl                  Upgraded to 8.0.1      High
CVE-2020-8284   curl                  Upgraded to 8.0.1      Low
CVE-2020-8231   curl                  Upgraded to 8.0.1      High
CVE-2020-8177   curl                  Upgraded to 8.0.1      High
CVE-2020-8169   curl                  Upgraded to 8.0.1      High
CVE-2022-36227  libarchive            Upgraded to 3.6.2      Critical
CVE-2021-31566  libarchive            Upgraded to 3.6.2      High
CVE-2021-36976  libarchive            Upgraded to 3.6.2      Medium
CVE-2021-3520   lz4                   Upgraded to 1.9.4      Critical
CVE-2022-35737  SQLite                Upgraded to 3.41.2     High
CVE-2018-25032  zlib                  Applied patch          High
CVE-2022-37434  zlib                  Applied patch          Critical
CVE-2020-15138  prismjs               Upgraded to 1.2.9      High
CVE-2022-37616  xmldom                Upgraded to 0.7.9      Critical
CVE-2022-23491  certifi               Upgraded to 2022.12.7  High
CVE-2021-29060  color-string          Upgraded to 1.5.5      Medium
CVE-2022-38900  decode-uri-component  Upgraded to 0.2.1      High
CVE-2020-28469  glob-parent           Upgraded to 5.1.2      High
CVE-2022-46175  json5                 Upgraded to 1.0.2      High
CVE-2022-46175  json5                 Upgraded to 2.2.3      High
CVE-2022-37599  loader-utils          Upgraded to 2.0.4      High
CVE-2022-37601  loader-utils          Upgraded to 2.0.4      Critical
CVE-2022-37603  loader-utils          Upgraded to 2.0.4      High
CVE-2022-3517   minimatch             Upgraded to 3.0.5      High
CVE-2022-31129  moment                Upgraded to 2.29.4     High
CVE-2021-23343  path-parse            Upgraded to 1.0.7      High
CVE-2021-23368  postcss               Upgraded to 7.0.36     Medium
CVE-2021-23382  postcss               Upgraded to 7.0.36     High
CVE-2022-43680  python3               Upgraded to 3.7.16     High
CVE-2022-24999  qs                    Upgraded to 6.5.3      High
CVE-2020-7753   ssri                  Upgraded to 6.0.2      High
CVE-2022-25858  terser                Upgraded to 4.8.1      High
CVE-2021-3803   nth-check             Upgraded to 2.0.1      High
CVE-2020-7753   trim                  Upgraded to 0.0.3      High
CVE-2021-33587  css-what              Upgraded to 5.0.1      High
CVE-2020-8116   dot-prop              Upgraded to 4.2.1      High
CVE-2020-13822  elliptic              Upgraded to 6.5.4      High
CVE-2022-33987  got                   Upgraded to 12.5.3     Medium
CVE-2022-4200   jackson-databind      Upgraded to 2.13.5     Medium
CVE-2022-42004  jackson-databind      Upgraded to 2.13.5     High
CVE-2023-1370   json-smart            Upgraded to 2.4.9      High
CVE-2019-20149  kind-of               Upgraded to 6.0.3      High
CVE-2022-37601  loader-utils          Upgraded to 1.4.2      Critical
CVE-2022-37601  loader-utils          Upgraded to 2.0.4      Critical
CVE-2020-8203   lodash                Upgraded to 4.17.21    High
CVE-2019-10744  lodash-es             Upgraded to 4.17.21    Critical
CVE-2022-40023  mako                  Upgraded to 1.2.4      High
CVE-2019-10746  mixin-deep            Upgraded to 1.3.2      Critical
CVE-2021-23382  postcss               Upgraded to 7.0.37     High
CVE-2021-33502  normalize-url         Upgraded to 6.1.0      High
CVE-2021-27292  ua-parser-js          Upgraded to 0.7.35     High
CVE-2021-33503  urllib3               Upgraded to 1.26.6     High
CVE-2020-7662   websocket-extensions  Upgraded to 0.1.4      High
CVE-2020-7774   y18n                  Upgraded to 4.0.3      Critical
CVE-2022-23806  go, crypto/elliptic   Upgraded go to 1.2     Critical
CVE-2022-23772  go, math/big          Upgraded go to 1.2     High
CVE-2021-43565  go, x/crypto          Upgraded go to 1.2     High
CVE-2022-30580  go, os/exec           Upgraded go to 1.2     High
CVE-2022-30633  go, encoding/xml      Upgraded go to 1.2     High
CVE-2022-28131  go, encoding/xml      Upgraded go to 1.2     High
CVE-2022-30632  go, path/filepath     Upgraded go to 1.2     High
CVE-2022-41716  go                    Upgraded go to 1.2     High
CVE-2022-28327  go, crypto/elliptic   Upgraded go to 1.2     High
CVE-2022-24921  go                    Upgraded go to 1.2     High
CVE-2022-30630  go, io/fs             Upgraded go to 1.2     High
CVE-2022-27191  go, crypto/ssh        Upgraded go to 1.2     High
CVE-2022-23773  go, cmd/go            Upgraded go to 1.2     High
CVE-2022-30634  go, crypto/rand       Upgraded go to 1.2     High
CVE-2022-41715  go                    Upgraded go to 1.2     High
CVE-2022-24675  go, encoding/pem      Upgraded go to 1.2     High
CVE-2022-41720  go                    Upgraded go to 1.2     High
CVE-2022-27664  go, net/http          Upgraded go to 1.2     High
CVE-2022-2880   go, net/http          Upgraded go to 1.2     High
CVE-2022-29804  go, path/filepath     Upgraded go to 1.2     High
CVE-2022-32189  go, math/big          Upgraded go to 1.2     High
CVE-2022-30635  go, encoding/gob      Upgraded go to 1.2     High
CVE-2022-30631  go, compress/gzip     Upgraded go to 1.2     High
CVE-2022-2879   go                    Upgraded go to 1.2     High
CVE-2022-1705   go, net/http          Upgraded go to 1.2     Medium
CVE-2022-1962   go, go/parse          Upgraded go to 1.2     Medium
CVE-2022-29526  go, sys               Upgraded go to 1.2     Medium
CVE-2022-32148  go, net/http          Upgraded go to 1.2     Medium
CVE-2022-30629  go, crypto/tls        Upgraded go to 1.2     Low
CVE-2017-16042  Growl                 Upgraded to 1.10.5     Critical
CVE-2021-20095  Babel                 Upgraded to 2.9.1      Medium

Solution

For Splunk Enterprise, upgrade versions to 8.1.14, 8.2.11, 9.0.5, or higher.

Product Status

Product            Version  Component  Affected Version  Fix Version
Splunk Enterprise  8.1      -          8.1.13 and Lower  8.1.14
Splunk Enterprise  8.2      -          8.2.0 to 8.2.10   8.2.11
Splunk Enterprise  9.0      -          9.0.0 to 9.0.4    9.0.5

Severity

For the CVEs listed above, Splunk adopted the national vulnerability
database (NVD) CVSS rating to align with industry standards.

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
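
The affected and fixed ranges from the Product Status table above, applied as a fleet triage check. This is an added example, not part of the Splunk or AusCERT text; the inventory line format (a host name followed by `splunk version` output) and the sample hosts are constructed, and treating branches newer than 9.0 as fixed is an assumption read from "or higher" in the Solution.

```python
import re

# Fix version per release branch, copied from the Product Status table.
FIX_VERSIONS = {(8, 1): (8, 1, 14), (8, 2): (8, 2, 11), (9, 0): (9, 0, 5)}
VERSION_RE = re.compile(r"\b\d+(?:\.\d+){1,3}\b")

# Constructed sample: "<host> <output of `splunk version`>" (format assumed).
SAMPLE_INVENTORY = [
    "idx01 Splunk 8.1.9 (build 000000000000)",
    "idx02 Splunk 8.1.14 (build 000000000000)",
    "sh01 Splunk 9.0.4.1 (build 000000000000)",
    "hf01 Splunk 9.1.0 (build 000000000000)",
    "old01 Splunk 7.3.9 (build 000000000000)",
]


def parse_version(text):
    """Return the first dotted version in text as a tuple of ints."""
    match = VERSION_RE.search(text)
    if match is None:
        raise ValueError(f"no version found in {text!r}")
    return tuple(int(part) for part in match.group(0).split("."))


def classify(version_text):
    """Return 'affected', 'fixed' or 'unlisted' per the advisory's ranges."""
    version = parse_version(version_text)
    branch = version[:2]
    fix = FIX_VERSIONS.get(branch)
    if fix is not None:
        # Tuples compare numerically per component: 8.1.9 < 8.1.14, and
        # 9.0.4.1 < 9.0.5. A string comparison gets the first one wrong.
        return "affected" if version < fix else "fixed"
    if branch > max(FIX_VERSIONS):
        return "fixed"  # assumption: "9.0.5, or higher" covers later branches
    return "unlisted"   # older than 8.1: the advisory states no status


def triage(lines):
    """Map host -> (version, status, upgrade target or None)."""
    report = {}
    for line in lines:
        host, _, rest = line.strip().partition(" ")
        version = parse_version(rest)
        status = classify(rest)
        target = FIX_VERSIONS[version[:2]] if status == "affected" else None
        report[host] = (".".join(map(str, version)), status,
                        ".".join(map(str, target)) if target else None)
    return report
```

Hosts reported as `unlisted` run a branch the advisory gives no status for and need a separate decision.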