exploitDog

GHSA-q2jq-j2q9-j85c

Опубликовано: 01 июн. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.7

Описание

On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an unauthenticated attacker can send specially-crafted messages to the XML parser within SAML authentication to cause a denial of service in the Splunk daemon.

On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an unauthenticated attacker can send specially-crafted messages to the XML parser within SAML authentication to cause a denial of service in the Splunk daemon.

Ссылки

EPSS

Процентиль: 44%

0.00215

Низкий

7.7 High

CVSS3

CVE ID

Дефекты

CWE-611

Связанные уязвимости

CVE-2023-32706

CVSS3: 7.7

nvd

больше 2 лет назад

On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an unauthenticated attacker can send specially-crafted messages to the XML parser within SAML authentication to cause a denial of service in the Splunk daemon.

EPSS

Процентиль: 44%

0.00215

Низкий

7.7 High

CVSS3

CVE ID

Дефекты

CWE-611