CVE-2023-30969

Опубликовано: 26 окт. 2023

Источник: nvd

CVSS3: 8.2

CVSS3: 6.5

EPSS Низкий

Описание

The Palantir Tiles1 service was found to be vulnerable to an API wide issue where the service was not performing authentication/authorization on all the endpoints.

Ссылки

https://palantir.safebase.us/?tcuUid=afcbc9b2-de62-44b9-b28b-2ebf0684fbf7
Vendor Advisory
https://palantir.safebase.us/?tcuUid=afcbc9b2-de62-44b9-b28b-2ebf0684fbf7
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:palantir:tiles:*:*:*:*:*:*:*:*

Версия до 4.326.0 (исключая)

EPSS

Процентиль: 42%

0.00203

Низкий

8.2 High

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-284

CWE-862

Связанные уязвимости

GHSA-f257-8wpr-74j7

CVSS3: 8.2

github

больше 2 лет назад

The Palantir Tiles1 service was found to be vulnerable to an API wide issue where the service was not performing authentication/authorization on all the endpoints.

EPSS

Процентиль: 42%

0.00203

Низкий

8.2 High

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-284

CWE-862