Lucene search
K

4 matches found

NVD
NVD
added 2023/08/30 5:15 p.m.20 views

CVE-2023-40593

In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language SAML request to the /saml/acs REST endpoint which can cause a denial of service through a crash or hang of the Splunk daemon...

7.5CVSS6.8AI score0.00487EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/08/30 4:19 p.m.20 views

CVE-2023-40593 Denial of Service (DoS) in Splunk Enterprise Using a Malformed SAML Request

In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language SAML request to the /saml/acs REST endpoint which can cause a denial of service through a crash or hang of the Splunk daemon...

6.3CVSS7.7AI score0.00487EPSS
Exploits0References2
CVE
CVE
added 2023/08/30 4:19 p.m.144 views

CVE-2023-40593

Summary: CVE-2023-40593 affects Splunk Enterprise versions prior to 9.0.6 and 8.2.12. A malformed SAML request to the /saml/acs endpoint can cause a denial of service via a crash or hang of the Splunk daemon. Details from connected sources: Advised fixes include updating to Splunk Enterprise 9.0....

7.5CVSS6.8AI score0.00487EPSS
Exploits0References2Affected Software2
Tenable Nessus
Tenable Nessus
added 2023/08/30 12:0 a.m.21 views

Splunk Enterprise 8.2.0 < 8.2.12, 9.0.0 < 9.0.6 (SVD-2023-0802)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0802 advisory. - In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup...

7.5CVSS7.4AI score0.00487EPSS
Exploits0References2
Rows per page
Query Builder