CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30948 – Retrieval of Attachments to Comments lacks Authorization
https://notcve.org/view.php?id=CVE-2023-30948
A security defect in Foundry's Comments functionality resulted in the retrieval of attachments to comments not being gated by additional authorization checks. This could enable an authenticated user to inject a prior discovered attachment UUID into other arbitrary comments to discover it's content. This defect was fixed in Foundry Comments 2.249.0, and a patch was rolled out to affected Foundry environments. No further intervention is required at this time. • https://palantir.safebase.us/?tcuUid=101b083b-6389-4261-98f8-23448e133a62 • CWE-285: Improper Authorization CWE-862: Missing Authorization •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-27890
https://notcve.org/view.php?id=CVE-2022-27890
It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service. In the case of AtlasDB, the vulnerability was mitigated by other network controls such as two-way TLS when deployed as part of a Palantir platform. Palantir still recommends upgrading to a non-vulnerable version out of an abundance of caution. • https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-15.md • CWE-295: Improper Certificate Validation CWE-297: Improper Validation of Certificate with Host Mismatch •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-27891 – Palantir Gotham included an unauthenticated endpoint that listed all active usernames in the platform with an active session.
https://notcve.org/view.php?id=CVE-2022-27891
Palantir Gotham included an unauthenticated endpoint that listed all active usernames on the stack with an active session. The affected services have been patched and automatically deployed to all Apollo-managed Gotham instances. It is highly recommended that customers upgrade all affected services to the latest version. This issue affects: Palantir Gotham versions prior to 103.30221005.0. • https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-10.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-306: Missing Authentication for Critical Function •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-27892 – Palantir Gotham included an endpoint that would log arbitrary sized payloads.
https://notcve.org/view.php?id=CVE-2022-27892
Palantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would have allowed an attacker to exhaust the memory of the Gotham dispatch service. • https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-11.md • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-27897 – Palantir Gotham included an endpoint that would log arbitrary sized zip files.
https://notcve.org/view.php?id=CVE-2022-27897
Palantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would load portions of maliciously crafted zip files to memory. An attacker could repeatedly upload a malicious zip file, which would allow them to exhaust memory resources on the dispatch server. • https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-12.md • CWE-20: Improper Input Validation •