Vulnerabilities > CVE-2023-22833 - Incorrect Authorization vulnerability in Palantir Foundry

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

palantir

CWE-863

NVD

Published: 2023-06-06

Updated: 2023-11-07

Summary

Palantir Foundry deployments running Lime2 versions between 2.519.0 and 2.532.0 were vulnerable a bug that allowed authenticated users within a Foundry organization to bypass discretionary or mandatory access controls under certain circumstances.

Vulnerable Configurations

Part	Description	Count
Application	Palantir Palantir Foundry *	1

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://palantir.safebase.us/?tcuUid=7f1fd834-805d-4679-85d0-9d779fa064ae