CVE-2023-40593

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published: Aug 30, 2023
Updated: Apr 10, 2024
CWE ID 400

Summary

CVE-2023-40593 is a denial-of-service vulnerability affecting Splunk Enterprise versions below 9.0.6 and 8.2.12. A malicious actor can exploit this issue by sending malformed Security Assertion Markup Language (SAML) requests to the `/saml/acs` REST endpoint, which can cause the Splunk daemon to crash or hang. Successful exploitation may prevent legitimate users from accessing Splunk Enterprise, resulting in operational downtime. Affected organizations are advised to upgrade to the latest version of Splunk Enterprise to mitigate this risk.



Affected Products

  • Splunk Cloud
  • Splunk Enterprise Security

Affected Vendors

  • Splunk