CVE-2023-40593 Information

Sep 01, 2023 cve

Description

In Splunk Enterprise versions lower than 9.0.6 and 8.2.12 a malicious actor can send a malformed security assertion markup language (SAML) request to the /saml/acs REST endpoint which can cause a denial of service through a crash or hang of the Splunk daemon.

Reference

https://advisory.splunk.com/advisories/SVD-2023-0802

Share on: