
Splunk: CVE-2023-40594: Denial of Service (DoS) via the ‘printf’ Search Function

Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
Aug 30, 2023
Added
Apr 7, 2025
Modified
Oct 31, 2025

Description

In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can use the ‘printf’ SPL function to perform a denial of service (DoS) against the Splunk Enterprise instance through a crash of the Splunk daemon. The printf function does not properly validate expressions in certain cases in combination with commands like fieldformat that occur earlier in the search pipeline. This failure to validate results in a crash of the Splunk daemon and the subsequent DoS.
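The fix is branch-specific (8.2.x, 9.0.x and 9.1.x each have their own patched build), so a naive "version < 9.1.1" check would misclassify an 8.2.12 host. The following helper is an added example, not code from the advisory or from Splunk; the inventory lines it parses are constructed, and treating unlisted branches below 9.1 as affected is an assumption drawn from the advisory's "lower than" wording.

```python
# Added example: classify Splunk Enterprise versions against CVE-2023-40594
# using the fixed builds the advisory lists (8.2.12, 9.0.6, 9.1.1).
import re

# (major, minor, patch) of the first fixed build on each affected branch.
FIXED_VERSIONS = ((8, 2, 12), (9, 0, 6), (9, 1, 1))


def parse_version(version: str) -> tuple:
    """Turn '9.0.5' or '9.0.5.1' into (major, minor, patch); extra
    build components after the third number are ignored."""
    m = re.match(r"^\s*(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised Splunk version string: {version!r}")
    return tuple(int(x) for x in m.groups())


def is_affected(version: str) -> bool:
    """True if this build predates the fix on its own branch."""
    major, minor, patch = parse_version(version)
    branch = (major, minor)
    for fmaj, fmin, fpatch in FIXED_VERSIONS:
        if branch == (fmaj, fmin):
            return patch < fpatch
    # Branch has no listed fix. Assumption: anything older than the newest
    # fixed branch (9.1) is treated as affected, anything newer as fixed.
    newest_branch = max(FIXED_VERSIONS)[:2]
    return branch < newest_branch


def triage(inventory_lines) -> list:
    """Return hostnames that still need the upgrade, from constructed
    'host=<name> version=<x.y.z>' inventory lines."""
    needs_upgrade = []
    for line in inventory_lines:
        m = re.search(r"host=(\S+)\s+version=(\S+)", line)
        if m and is_affected(m.group(2)):
            needs_upgrade.append(m.group(1))
    return needs_upgrade


# Constructed sample inventory for a stand-alone run.
SAMPLE_INVENTORY = [
    "host=sh-01 version=9.1.0",    # affected
    "host=sh-02 version=9.1.1",    # fixed
    "host=idx-01 version=9.0.5",   # affected
    "host=idx-02 version=8.2.12",  # fixed on the 8.2 branch
    "host=legacy version=8.1.3",   # older branch, no fix: affected
]

if __name__ == "__main__":
    print("needs upgrade:", triage(SAMPLE_INVENTORY))
```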

Solution

splunk-upgrade-latest