CVE-2023-40593
published 2023-08-30CVE-2023-40593: In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language (SAML) request to the…
PriorityP338high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.49%
38.3th percentile
In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language (SAML) request to the `/saml/acs` REST endpoint which can cause a denial of service through a crash or hang of the Splunk daemon.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| splunk | splunk | >= 8.2.0 < 8.2.12 | 8.2.12 |
| splunk | splunk | >= 9.0.0 < 9.0.6 | 9.0.6 |
| splunk | splunk_cloud | >= - < 9.0.2205 | 9.0.2205 |
| splunk | splunk_cloud_platform | <= 9.0.2305.100 | — |
| splunk | splunk_enterprise | >= 8.2 < 8.2.12 | 8.2.12 |
| splunk | splunk_enterprise | >= 9.0 < 9.0.6 | 9.0.6 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-08-30
Published