CVE-2022-48308
https://notcve.org/view.php?id=CVE-2022-48308
It was discovered that sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. An attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service. • https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-14.md • CWE-295: Improper Certificate Validation • CWE-297: Improper Validation of Certificate with Host Mismatch •
CVE-2022-27891 – Palantir Gotham included an unauthenticated endpoint that listed all active usernames in the platform with an active session.
https://notcve.org/view.php?id=CVE-2022-27891
Palantir Gotham included an unauthenticated endpoint that listed all active usernames on the stack with an active session. The affected services have been patched and automatically deployed to all Apollo-managed Gotham instances. It is highly recommended that customers upgrade all affected services to the latest version. This issue affects: Palantir Gotham versions prior to 103.30221005.0. • https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-10.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor • CWE-306: Missing Authentication for Critical Function •
CVE-2022-27892 – Palantir Gotham included an endpoint that would log arbitrarily sized payloads.
https://notcve.org/view.php?id=CVE-2022-27892
Palantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would have allowed an attacker to exhaust the memory of the Gotham dispatch service. • https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-11.md • CWE-20: Improper Input Validation •
CVE-2022-27895 – A component in Foundry logging was found to be capturing sensitive information in logs.
https://notcve.org/view.php?id=CVE-2022-27895
An Information Exposure Through Log Files vulnerability was discovered in Foundry when logs were captured using an underlying library known as Build2. This issue was present in versions earlier than 1.785.0. Upgrade to Build2 version 1.785.0 or greater. • https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-06.md • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2022-27896 – The Foundry Code-Workbooks service was found to contain an issue leading to information disclosure.
https://notcve.org/view.php?id=CVE-2022-27896
An Information Exposure Through Log Files vulnerability was discovered in Foundry Code-Workbooks, where the endpoint backing the Python console was generating service log records of any Python code being run. These service logs included the Foundry token that represents the Code-Workbooks Python console. Upgrade to Code-Workbooks version 4.461.0. This issue affects Palantir Foundry Code-Workbooks version 4.144 to version 4.460.0 and is resolved in 4.461.0. • https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-08.md • CWE-532: Insertion of Sensitive Information into Log File •