Security Advisory

CVE-2023-40593

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-08-30 16:19:41

Last updated 2025-02-28 11:03:56

Assigner Splunk

State PUBLISHED

Description

In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language (SAML) request to the `/saml/acs` REST endpoint which can cause a denial of service through a crash or hang of the Splunk daemon.

← Browse all CVEs View on cve.org ↗