Vulnerabilities > CVE-2023-30956 - Unspecified vulnerability in Palantir Foundry Comments

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

high complexity

palantir

NVD

Published: 2023-07-10

Updated: 2023-11-07

Summary

A security defect was identified in Foundry Comments that enabled a user to discover the contents of an attachment submitted to another comment if they knew the internal UUID of the target attachment. This defect was resolved with the release of Foundry Comments 2.267.0.

Vulnerable Configurations

Part	Description	Count
Application	Palantir Palantir Foundry Comments *	1

References

https://palantir.safebase.us/?tcuUid=40367943-738c-4e69-b852-4a503c77478a