CVE-2023-40593
30.08.2023, 17:15
In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language (SAML) request to the `/saml/acs` REST endpoint which can cause a denial of service through a crash or hang of the Splunk daemon.Enginsight
| Vendor | Product | Version |
|---|---|---|
| splunk | splunk | 8.2.0 ≤ 𝑥 < 8.2.12 |
| splunk | splunk | 9.0.0 ≤ 𝑥 < 9.0.6 |
| splunk | splunk_cloud_platform | 𝑥 ≤ 9.0.2305.100 |
𝑥
= Vulnerable software versions