CVE-2022-27889

The Foundry Multipass service contains code paths that could be abused to cause a denial of service for authentication and authorization operations.

Severity Score: 9.1 (CVSS v3.1)
Exploit Likelihood: - (EPSS)
Affected Versions: - (CPE)
Public Exploits: 0 (Multiple Sources)
Exploited in Wild: - (KEV)
Decision: - (SSVC)

Descriptions

The Multipass service was found to have code paths that could be abused to cause a denial of service for authentication or authorization operations. A malicious attacker could perform an application-level denial of service attack, potentially causing authentication and/or authorization operations to fail for the duration of the attack. This could lead to performance degradation or login failures for customer Palantir Foundry environments. This vulnerability is resolved in Multipass 3.647.0. This issue affects: Palantir Foundry Multipass versions prior to 3.647.0.

*Credits: This issue was identified internally at Palantir. Initial activity was observed as a result of good-faith security research conducted by bug bounty participants.

CVSS Scores

Metric               CVSS v3.1 (9.1)   CVSS v3 (second assessment)   CVSS v2
Attack Vector        Network           Network                       Network
Attack Complexity    Low               Low                           Low
Privileges Required  None              None                          -
Authentication       -                 -                             None
User Interaction     None              None                          -
Scope                Unchanged         Unchanged                     -
Confidentiality      None              None                          None
Integrity            High              None                          Partial
Availability         High              Low                           Partial

* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2022-03-25 CVE Reserved
  • 2022-06-14 CVE Published
  • 2024-01-05 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-400: Uncontrolled Resource Consumption
  • CWE-913: Improper Control of Dynamically-Managed Code Resources
CAPEC
References (1)
Affected Vendors, Products, and Versions

Vendor     Product            Version     Other   Status
Palantir   Foundry Multipass  < 3.647.0   -       Affected