VYPR
Unrated severity · NVD Advisory · Published Aug 30, 2023 · Updated Feb 28, 2025

Denial of Service (DoS) in Splunk Enterprise Using a Malformed SAML Request

CVE-2023-40593

Description

In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed Security Assertion Markup Language (SAML) request to the /saml/acs REST endpoint, which can cause a denial of service through a crash or hang of the Splunk daemon.
