4 matches found
CVE-2023-40593
In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language SAML request to the /saml/acs REST endpoint which can cause a denial of service through a crash or hang of the Splunk daemon...
CVE-2023-40593 Denial of Service (DoS) in Splunk Enterprise Using a Malformed SAML Request
In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language SAML request to the /saml/acs REST endpoint which can cause a denial of service through a crash or hang of the Splunk daemon...
CVE-2023-40593
Summary: CVE-2023-40593 affects Splunk Enterprise versions prior to 9.0.6 and 8.2.12. A malformed SAML request to the /saml/acs endpoint can cause a denial of service via a crash or hang of the Splunk daemon. Details from connected sources: Advised fixes include updating to Splunk Enterprise 9.0....
Splunk Enterprise 8.2.0 < 8.2.12, 9.0.0 < 9.0.6 (SVD-2023-0802)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0802 advisory. - In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup...