CVE-2023-40593

MEDIUM

Splunk Enterprise <9.0.6-8.2.12 - DoS

Title source: llm

Description

In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language (SAML) request to the `/saml/acs` REST endpoint which can cause a denial of service through a crash or hang of the Splunk daemon.

References (2)

Core 2

Core References

Vendor Advisory

https://advisory.splunk.com/advisories/SVD-2023-0802

Vendor Advisory

https://research.splunk.com/application/8e8a86d5-f323-4567-95be-8e817e2baee6/

Scores

CVSS v3 6.3

EPSS 0.0013

EPSS Percentile 31.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

Details

CWE

CWE-400

Status published

Products (2)

splunk/splunk 8.2.0 - 8.2.12

splunk/splunk_cloud_platform < 9.0.2305.100

Published Aug 30, 2023

Tracked Since Feb 18, 2026