Lucene search
+L

CVE-2023-40593

🗓️ 30 Aug 2023 16:19:41Reported by SplunkType 
cve
 cve
🔗 web.nvd.nist.gov👁 145 Views🌐 WEB

Splunk Enterprise <9.0.6, 8.2.12 SAML DoS vulnerability

Related
Detection
Affected
Refs
Paths
ReporterTitlePublishedViews
Family
circl
CVE-2023-40593
30 Aug 202320:12
circl
cnnvd
Splunk 安全漏洞
30 Aug 202300:00
cnnvd
cvelist
CVE-2023-40593 Denial of Service (DoS) in Splunk Enterprise Using a Malformed SAML Request
30 Aug 202316:19
cvelist
euvd
EUVD-2023-45151
3 Oct 202520:07
euvd
ncsc
Vulnerabilities fixed in Splunk Enterprise
31 Aug 202300:00
ncsc
nvd
CVE-2023-40593
30 Aug 202317:15
nvd
osv
CVE-2023-40593
30 Aug 202317:15
osv
prion
Design/Logic Flaw
30 Aug 202317:15
prion
ptsecurity
PT-2023-27527 · Splunk · Splunk Enterprise
30 Aug 202300:00
ptsecurity
nessus
Splunk Enterprise 8.2.0 < 8.2.12, 9.0.0 < 9.0.6 (SVD-2023-0802)
30 Aug 202300:00
nessus
Rows per page
NVD
Node
OR
splunksplunkRange8.2.08.2.12enterprise
splunksplunkRange9.0.09.0.6enterprise
splunksplunk_cloud_platformRange9.0.2305.100
[
  {
    "product": "Splunk Enterprise",
    "vendor": "Splunk",
    "versions": [
      {
        "version": "8.2",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "8.2.12"
      },
      {
        "version": "9.0",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.0.6"
      }
    ]
  },
  {
    "product": "Splunk Cloud",
    "vendor": "Splunk",
    "versions": [
      {
        "version": "-",
        "status": "affected",
        "versionType": "custom",
        "lessThan": "9.0.2205"
      }
    ]
  }
]
ParameterPositionPathDescriptionCWE
SAMLRequestrequest body/saml/acsMalformed SAMLRequest can crash or hang Splunk daemon via /saml/acs, causing denial of service in affected versions.CWE-400
RelayStaterequest body/saml/acsMalformed SAMLRequest can crash or hang Splunk daemon via /saml/acs, causing denial of service in affected versions.CWE-400

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 06:18Current
6.8Medium risk
Vulners AI Score6.8
CVSS 3.16.3 - 7.5
EPSS0.00487
145