Splunk User Behavior Analytics (UBA) Third-Party Package Updates
Advisory ID: SVD-2024-0104
CVE ID: Multiple
Published: 2024-01-09
Last Update: 2024-01-09
Description
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk User Behavior Analytics (UBA) versions 5.3.0 and 5.2.1, including the following:
| Package | Remediation | CVE | Severity |
|---|---|---|---|
| socket.io-parser | Upgraded to 4.6.2 | CVE-2023-32695 | High |
| protobuf | Upgraded to 3.21.12 | CVE-2015-5237 | High |
| protobuf | Upgraded to 3.21.12 | CVE-2022-3171 | High |
| protobuf | Upgraded to 3.21.12 | CVE-2022-3509 | High |
| protobuf | Upgraded to 3.21.12 | CVE-2022-3510 | High |
| Guava | Upgraded to 32.0.1 | CVE-2023-2976 | High |
Solution
Upgrade Splunk User Behavior Analytics (UBA) to version 5.3.0, 5.2.1, or higher.
Product Status
| Product | Affected Version | Fix Version |
|---|---|---|
| Splunk User Behavior Analytics (UBA) | Below 5.3.0 | 5.3.0 |
| Splunk User Behavior Analytics (UBA) | Below 5.2.1 | 5.2.1 |
Severity
For the CVEs in this list, Splunk adopted the national vulnerability database (NVD) common vulnerability scoring system (CVSS) rating to align with industry standards.