cve/2023/CVE-2023-40593.md

### [CVE-2023-40593](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40593)
![](https://img.shields.io/static/v1?label=Product&message=Splunk%20Cloud&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Splunk%20Enterprise&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=-%3C%209.0.2205%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.2%3C%208.2.12%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=The%20software%20does%20not%20properly%20control%20the%20allocation%20and%20maintenance%20of%20a%20limited%20resource%20thereby%20enabling%20an%20actor%20to%20influence%20the%20amount%20of%20resources%20consumed%2C%20eventually%20leading%20to%20the%20exhaustion%20of%20available%20resources.&color=brighgreen)

### Description

In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language (SAML) request to the `/saml/acs` REST endpoint which can cause a denial of service through a crash or hang of the Splunk daemon.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2023-40593](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40593)`
			`![](https://img.shields.io/static/v1?label=Product&message=Splunk%20Cloud&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Splunk%20Enterprise&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=-%3C%209.0.2205%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=8.2%3C%208.2.12%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=The%20software%20does%20not%20properly%20control%20the%20allocation%20and%20maintenance%20of%20a%20limited%20resource%20thereby%20enabling%20an%20actor%20to%20influence%20the%20amount%20of%20resources%20consumed%2C%20eventually%20leading%20to%20the%20exhaustion%20of%20available%20resources.&color=brighgreen)`

			`### Description`

			In Splunk Enterprise versions lower than 9.0.6 and 8.2.12, a malicious actor can send a malformed security assertion markup language (SAML) request to the `/saml/acs` REST endpoint which can cause a denial of service through a crash or hang of the Splunk daemon.

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/fkie-cad/nvd-json-data-feeds`