Splunk has released critical security updates addressing multiple vulnerabilities in third-party packages across Enterprise versions 9.4.3, 9.3.5, 9.2.7, and 9.1.10, with severity ratings ranging from informational to critical.
The advisory, published on July 7, 2025, under Advisory ID SVD-2025-0710, encompasses fixes for numerous Common Vulnerabilities and Exposures (CVEs) affecting essential components including setuptools, golang libraries, OpenSSL, and libcurl.
Organizations running affected Splunk Enterprise versions are strongly advised to upgrade immediately to mitigate potential security risks that could compromise their data analytics infrastructure.
The security update addresses several critical and high-severity vulnerabilities that pose significant risks to enterprise environments.
Among the most serious threats remediated is CVE-2024-45337 affecting golang.org/x/crypto in the spl2-orchestrator component, which carries a critical severity rating.
Additionally, multiple high-severity vulnerabilities have been resolved across various golang implementations, including CVE-2024-6345 in setuptools and CVE-2025-22869 in golang.org/x/crypto within the identity component.
The golang runtime environments in both Mongodump and Mongorestore utilities have been upgraded to version 1.24.2, addressing a comprehensive list of CVEs including CVE-2025-22869, CVE-2025-27414, CVE-2025-22868, and several others.
These vulnerabilities could potentially allow attackers to exploit cryptographic weaknesses or execute unauthorized operations within the Splunk environment.
The libcurl component has also received significant attention, with an upgrade to version 8.11.1 that resolves nine separate CVEs, including CVE-2024-0853 and CVE-2025-0725.
Splunk Enterprise Addresses Third-Party Vulnerabilities
Splunk’s remediation approach involves systematic upgrades across multiple third-party packages, demonstrating the company’s commitment to maintaining security standards.
The setuptools package has been upgraded to version 70.0.0 specifically for Python 3.9 packages, addressing CVE-2024-6345.
Multiple golang.org/x/crypto implementations have received targeted updates, with the compsup component upgraded to version 0.37.0, identity component to 0.36.0, and spl2-orchestrator to 0.36.0.
Network-related vulnerabilities have been addressed through golang.org/x/net upgrades, with compsup updated to version 0.39.0 and spl2-orchestrator to 0.37.0, both targeting CVE-2024-45338.
The Beaker Python package has been specifically updated to version 1.12.1 in Splunk Enterprise 9.2.7, resolving CVE-2013-7489.
Additionally, the azure-storage-blob component has been upgraded to version 12.13.0 to address CVE-2022-30187, while OpenSSL has been updated to version 1.0.2zl, though Splunk notes that Enterprise and Universal Forwarder installations are not affected by CVE-2024-9143.
Upgrade Requirements
Organizations must prioritize immediate upgrades to avoid exposure to the addressed Splunk Enterprise Addresses Third-Party Vulnerabilities.
Splunk Enterprise version 9.4 users should upgrade from versions 9.4.0-9.4.2 to 9.4.3, while version 9.3 installations require updates from 9.3.0-9.3.4 to 9.3.5.
Users running Splunk Enterprise 9.2 must upgrade from versions 9.2.0-9.2.6 to 9.2.7, and those on version 9.1 should update from 9.1.0-9.1.9 to 9.1.10.
It’s important to note that certain binary components are not present in all versions, with spl2-orchestrator not available in versions 9.3.x, 9.2.x, 9.1.x or older, and compsup binary absent from 9.1.x installations.
Splunk has adopted vendor severity ratings and National Vulnerability Database (NVD) Common Vulnerability Scoring System (CVSS) ratings to ensure accurate risk assessment.
The comprehensive nature of these updates underscores the critical importance of maintaining current security patches in enterprise analytics environments.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant Updates.
.webp?w=356&resize=356,220&ssl=1 "Microsoft Teams Blocking Users from Accessing Embedded Office Documents")
