cbcvebase.
CVE-2023-40593
published 2023-08-30

CVE-2023-40593: In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language (SAML) request to the…

PriorityP338high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.49%
38.3th percentile
In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language (SAML) request to the `/saml/acs` REST endpoint which can cause a denial of service through a crash or hang of the Splunk daemon.

Affected

6 ranges
VendorProductVersion rangeFixed in
splunksplunk>= 8.2.0 < 8.2.128.2.12
splunksplunk>= 9.0.0 < 9.0.69.0.6
splunksplunk_cloud>= - < 9.0.22059.0.2205
splunksplunk_cloud_platform<= 9.0.2305.100
splunksplunk_enterprise>= 8.2 < 8.2.128.2.12
splunksplunk_enterprise>= 9.0 < 9.0.69.0.6
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.