CVE-2023-32706
CVSS V2 None
CVSS V3 None
Description
On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an unauthenticated attacker can send specially-crafted messages to the XML parser within SAML authentication to cause a denial of service in the Splunk daemon.
Overview
- CVE ID
- CVE-2023-32706
- Assigner
- Splunk
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-06-01T16:34:28.142Z
- Last Modified Date
- 2024-04-10T00:52:50.392Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://advisory.splunk.com/advisories/SVD-2023-0601 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-32706 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32706 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 11:46:24 | Added to TrackCVE |