Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-30956

Summary
Assigner-Palantir
Assigner Org ID-bbcbe11d-db20-4bc2-8a6e-c79f87041fd4
Published At-10 Jul, 2023 | 21:07
Updated At-23 Oct, 2024 | 17:30
Rejected At-
Credits

IDOR in Foundry Comments allows retrieval of attachments

A security defect was identified in Foundry Comments that enabled a user to discover the contents of an attachment submitted to another comment if they knew the internal UUID of the target attachment. This defect was resolved with the release of Foundry Comments 2.267.0.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Palantir
Assigner Org ID:bbcbe11d-db20-4bc2-8a6e-c79f87041fd4
Published At:10 Jul, 2023 | 21:07
Updated At:23 Oct, 2024 | 17:30
Rejected At:
▼CVE Numbering Authority (CNA)
IDOR in Foundry Comments allows retrieval of attachments

A security defect was identified in Foundry Comments that enabled a user to discover the contents of an attachment submitted to another comment if they knew the internal UUID of the target attachment. This defect was resolved with the release of Foundry Comments 2.267.0.

Affected Products
Vendor
Palantir
Product
com.palantir.comments:comments
Versions
Affected
  • From * before 2.267.0 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-639The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
Type: CWE
CWE ID: CWE-639
Description: The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
Metrics
VersionBase scoreBase severityVector
3.15.3MEDIUM
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-233An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.
CAPEC ID: CAPEC-233
Description: An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://palantir.safebase.us/?tcuUid=40367943-738c-4e69-b852-4a503c77478a
N/A
Hyperlink: https://palantir.safebase.us/?tcuUid=40367943-738c-4e69-b852-4a503c77478a
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://palantir.safebase.us/?tcuUid=40367943-738c-4e69-b852-4a503c77478a
x_transferred
Hyperlink: https://palantir.safebase.us/?tcuUid=40367943-738c-4e69-b852-4a503c77478a
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve-coordination@palantir.com
Published At:10 Jul, 2023 | 22:15
Updated At:07 Nov, 2023 | 04:14

A security defect was identified in Foundry Comments that enabled a user to discover the contents of an attachment submitted to another comment if they knew the internal UUID of the target attachment. This defect was resolved with the release of Foundry Comments 2.267.0.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.3MEDIUM
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Secondary3.15.3MEDIUM
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Type: Primary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
CPE Matches
palantir
palantir
>>foundry_comments>>Versions before 2.267.0(exclusive)
cpe:2.3:a:palantir:foundry_comments:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE-639Secondarycve-coordination@palantir.com
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-639
Type: Secondary
Source: cve-coordination@palantir.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://palantir.safebase.us/?tcuUid=40367943-738c-4e69-b852-4a503c77478acve-coordination@palantir.com
Vendor Advisory
Hyperlink: https://palantir.safebase.us/?tcuUid=40367943-738c-4e69-b852-4a503c77478a
Source: cve-coordination@palantir.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

3Records found
CVE-2023-30960
Matching Score-6
Assigner-Palantir Technologies
ShareView Details
Matching Score-6
Assigner-Palantir Technologies
CVSS Score-4.3||MEDIUM
EPSS-0.14% / 34.60%
||
7 Day CHG~0.00%
Published-10 Jul, 2023 | 21:05
Updated-23 Oct, 2024 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insecure Direct Object Reference (IDOR) in Foundry job-tracker

A security defect was discovered in Foundry job-tracker that enabled users to query metadata related to builds on resources they did not have access to. This defect was resolved with the release of job-tracker 4.645.0. The service was rolled out to all affected Foundry instances. No further intervention is required.

Action-Not Available
Vendor-palantirPalantir
Product-foundry_job-trackercom.palantir.foundry.jobtracker:job-tracker
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2024-10925
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.01% / 1.67%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 11:02
Updated-26 Aug, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Authorization Bypass Through User-Controlled Key in GitLab

A vulnerability in GitLab-EE affecting all versions from 16.2 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1 allows a Guest user to read Security policy YAML

Action-Not Available
Vendor-GitLab Inc.
Product-gitlabGitLab
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2024-29020
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.15% / 36.70%
||
7 Day CHG~0.00%
Published-29 Mar, 2024 | 14:46
Updated-09 Jan, 2025 | 17:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
JumpServer allows nn authorized attacker to get sensitive information in playbook files when playbook_id is leaked

JumpServer is an open source bastion host and an operation and maintenance security audit system. An authorized attacker can obtain sensitive information contained within playbook files if they manage to learn the playbook_id of another user. This breach of confidentiality can lead to information disclosure and exposing sensitive data. This vulnerability is fixed in v3.10.6.

Action-Not Available
Vendor-FIT2CLOUD Inc.JumpServer (FIT2CLOUD Inc.)
Product-jumpserverjumpserverjumpserver
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
Details not found