1 results (0.002 seconds)
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0
CVE-2023-30960 – Insecure Direct Object Reference (IDOR) in Foundry job-tracker
https://notcve.org/view.php?id=CVE-2023-30960
A security defect was discovered in Foundry job-tracker that enabled users to query metadata related to builds on resources they did not have access to. This defect was resolved with the release of job-tracker 4.645.0. The service was rolled out to all affected Foundry instances. No further intervention is required. • https://palantir.safebase.us/?tcuUid=115d9bf4-201f-4cfe-b2fc-219e3a2d945b • CWE-639: Authorization Bypass Through User-Controlled Key CWE-668: Exposure of Resource to Wrong Sphere •