Lucene search

PalantirCVELIST:CVE-2023-30948

HistoryJun 06, 2023 - 2:12 p.m.

CVE-2023-30948 Retrieval of Attachments to Comments lacks Authorization

2023-06-0614:12:59

CWE-285

Palantir

www.cve.org

cve-2023-30948

security defect

foundry

authorization checks

attachments

comments

gated

authenticated user

injection

patch

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

24.2%

JSON

A security defect in Foundry’s Comments functionality resulted in the retrieval of attachments to comments not being gated by additional authorization checks. This could enable an authenticated user to inject a prior discovered attachment UUID into other arbitrary comments to discover it’s content.

This defect was fixed in Foundry Comments 2.249.0, and a patch was rolled out to affected Foundry environments. No further intervention is required at this time.

CNA Affected

[
  {
    "vendor": "Palantir",
    "product": "com.palantir.comments:comments",
    "versions": [
      {
        "version": "*",
        "versionType": "semver",
        "lessThan": "2.249.0",
        "status": "affected"
      }
    ]
  }
]

References

palantir.safebase.us/?tcuUid=101b083b-6389-4261-98f8-23448e133a62

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

24.2%

JSON

Related for CVELIST:CVE-2023-30948