CVE-2023-40593
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2023-40593 is a denial-of-service vulnerability affecting Splunk Enterprise versions below 9.0.6 and 8.2.12. A malicious actor can exploit this issue by sending malformed Security Assertion Markup Language (SAML) requests to the `/saml/acs` REST endpoint, which can crash or hang the Splunk daemon. Successful exploitation may prevent legitimate users from accessing Splunk Enterprise, resulting in operational downtime. Affected organizations are advised to upgrade to the latest version of Splunk Enterprise to mitigate this risk.
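The practical first step for a defender is an inventory check against the fixed releases the advisory names. The following Python script is an added example, not part of the advisory or of any Splunk tooling: it parses Splunk version strings, compares each against the fixed release for its maintenance branch (9.0.6 and 8.2.12), and groups hosts by status. The host names and versions in `SAMPLE_INVENTORY` are constructed sample data, and treating any branch other than 9.0 and 8.2 as "unknown" (rather than guessing its status) is an assumption made here for safety.

```python
"""Added example (not from the advisory): classify Splunk Enterprise version
strings against the fixed releases the advisory names, 9.0.6 and 8.2.12.
Host names and versions below are constructed sample data."""
from typing import Dict, List, Tuple

# Fixed release per maintenance branch, as stated in the advisory.
FIXED_BY_BRANCH: Dict[Tuple[int, int], Tuple[int, ...]] = {
    (9, 0): (9, 0, 6),
    (8, 2): (8, 2, 12),
}


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '9.0.5' (or a four-part '9.0.5.1') into a comparable integer tuple.

    Raises ValueError for anything that is not dotted integers, so junk
    values surface instead of being silently classified.
    """
    parts = version.strip().split(".")
    if len(parts) < 2:
        raise ValueError(f"not a dotted version: {version!r}")
    return tuple(int(p) for p in parts)


def assess(version: str) -> str:
    """Return 'affected', 'fixed' or 'unknown' for one version string.

    Only the two branches the advisory names are classified. Any other
    branch is reported as 'unknown' rather than guessed (assumption made
    by this example, not a statement from the advisory).
    """
    v = parse_version(version)
    fixed = FIXED_BY_BRANCH.get((v[0], v[1]))
    if fixed is None:
        return "unknown"
    # Tuple comparison: (9, 0, 5) < (9, 0, 6) is affected,
    # (8, 2, 12, 1) compares greater than (8, 2, 12) and is fixed.
    return "affected" if v < fixed else "fixed"


def triage(inventory: Dict[str, str]) -> Dict[str, List[str]]:
    """Group hosts by status so affected ones can be scheduled for upgrade."""
    groups: Dict[str, List[str]] = {"affected": [], "fixed": [], "unknown": []}
    for host, version in inventory.items():
        try:
            groups[assess(version)].append(host)
        except ValueError:
            # Unparseable version strings need a manual look, not a guess.
            groups["unknown"].append(host)
    return groups


# Constructed sample inventory (hypothetical host names and versions).
SAMPLE_INVENTORY: Dict[str, str] = {
    "splunk-sh-01": "9.0.5",
    "splunk-sh-02": "9.0.6",
    "splunk-idx-01": "8.2.11",
    "splunk-idx-02": "8.2.12.1",
    "splunk-hf-01": "9.1.0",
    "splunk-lab": "dev-build",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status:9s}: {', '.join(hosts) or '-'}")
```

In a real deployment the inventory would come from your asset database or from each host's reported version; the comparison logic stays the same. The "unknown" bucket is deliberate: a version the advisory does not cover is a prompt to consult the vendor advisory, not evidence that the host is safe.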
Affected Products
- Splunk Cloud
- Splunk Enterprise Security
Affected Vendors
- Splunk