Lucene search
+L

34 matches found

CNNVD
CNNVD
added 2023/07/10 12:0 a.m.7 views

Palantir Foundry Issues 安全漏洞

Palantir Foundry Issues is an application from Palantir USA. A security vulnerability exists in Palantir Foundry Issues. An attacker could exploit the vulnerability to obtain sensitive information...

5.3CVSS5.8AI score0.00455EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/07/10 12:0 a.m.7 views

PT-2023-18717 · Unknown · Foundry Frontend +1

Name of the Vulnerable Software and Affected Versions: Foundry Issues versions prior to 2.510.0 Foundry Frontend versions prior to 6.228.0 Description: A security defect was identified that enabled a user of Foundry Issues to perform a Denial of Service attack by submitting malformed data in an...

7.7CVSS7.5AI score0.00686EPSS
Exploits0References3
NVD
NVD
added 2023/06/29 7:15 p.m.25 views

CVE-2023-30946

A security defect was identified in Foundry Issues. If a user was added to an issue on a resource that they did not have access to and consequently could not see, they could query Foundry's Notification API and receive metadata about the issue including the RID of the issue, severity, internal UU...

4.3CVSS4.2AI score0.00393EPSS
Exploits0References1
OSV
OSV
added 2023/06/29 7:15 p.m.8 views

CVE-2023-30946

A security defect was identified in Foundry Issues. If a user was added to an issue on a resource that they did not have access to and consequently could not see, they could query Foundry's Notification API and receive metadata about the issue including the RID of the issue, severity, internal UU...

4.3CVSS5.8AI score0.00393EPSS
Exploits0References1
Prion
Prion
added 2023/06/29 7:15 p.m.23 views

Code injection

A security defect was identified in Foundry Issues. If a user was added to an issue on a resource that they did not have access to and consequently could not see, they could query Foundry's Notification API and receive metadata about the issue including the RID of the issue, severity, internal UU...

4CVSS4.7AI score0.00393EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/29 6:49 p.m.19 views

CVE-2023-30946 Issues notification metadata lacks authorization

A security defect was identified in Foundry Issues. If a user was added to an issue on a resource that they did not have access to and consequently could not see, they could query Foundry's Notification API and receive metadata about the issue including the RID of the issue, severity, internal UU...

3.5CVSS6.8AI score0.00393EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/29 6:49 p.m.21 views

CVE-2023-30946 Issues notification metadata lacks authorization

A security defect was identified in Foundry Issues. If a user was added to an issue on a resource that they did not have access to and consequently could not see, they could query Foundry's Notification API and receive metadata about the issue including the RID of the issue, severity, internal UU...

3.5CVSS5AI score0.00393EPSS
Exploits0References1
CVE
CVE
added 2023/06/29 6:49 p.m.40 views

CVE-2023-30946

Foundry Issues had an authorization flaw where a user who could not view a resource could query Foundry’s Notification API and retrieve issue metadata (RID, severity, author UUID, and title). Affected are Foundry Issues prior to version 2.497.0; remediation is to upgrade to a fixed release (2.497...

4.3CVSS4.1AI score0.00393EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/06/29 12:0 a.m.5 views

Palantir Foundry Issues 安全漏洞

Palantir Foundry Issues is an application from Palantir USA. A security vulnerability exists in Palantir Foundry Issues prior to version 2.497.0 that stems from allowing unauthorized users to retrieve issue metadata from Foundry's notification API...

4.3CVSS5.1AI score0.00393EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/29 12:0 a.m.10 views

PT-2023-23077 · Unknown · Foundry Issues

Name of the Vulnerable Software and Affected Versions: Foundry Issues affected versions not specified Description: A security defect was identified in Foundry Issues. If a user was added to an issue on a resource that they did not have access to and consequently could not see, they could query...

4.3CVSS4.4AI score0.00393EPSS
Exploits0References3
OSV
OSV
added 2022/04/26 11:15 p.m.5 views

CVE-2022-27888

Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that captured sensitive information session tokens. This issue was fixed in 2.249.1...

5.5CVSS6AI score0.00224EPSS
Exploits0References1
Prion
Prion
added 2022/04/26 11:15 p.m.16 views

Design/Logic Flaw

Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that captured sensitive information session tokens. This issue was fixed in 2.249.1...

2.1CVSS5.2AI score0.00224EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/04/26 10:35 p.m.20 views

CVE-2022-27888 The Foundry Issues service was found to be logging in a manner that captured session tokens.

Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that captured sensitive information session tokens. This issue was fixed in 2.249.1...

5.5CVSS5.5AI score0.00224EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/03/29 9:0 p.m.5 views

CVE-2022-27888

Foundry Issues service versions 2.244.0 to 2.249.0 was found to be logging in a manner that captured sensitive information session tokens. This issue was fixed in 2.249.1...

5.5CVSS6AI score0.00224EPSS
Exploits0References2
Rows per page
Query Builder