Vulnerabilities > CVE-2023-32303 - Unspecified vulnerability in Planet

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

planet

NVD

Published: 2023-05-12

Updated: 2024-11-21

Summary

Planet is software that provides satellite data. The secret file stores the user's Planet API authentication information. It should only be accessible by the user, but before version 2.0.1, its permissions allowed the user's group and non-group to read the file as well. This issue was patched in version 2.0.1. As a workaround, set the secret file permissions to only user read/write by hand.

Vulnerable Configurations

Part	Description	Count
Application	Planet Planet Planet - Planet Planet 0.0.1 Planet Planet 0.0.2 Planet Planet 0.0.3 Planet Planet 0.0.4 Planet Planet 0.0.5 Planet Planet 0.0.6 Planet Planet 1.0.0 Planet Planet 1.0.1 Planet Planet 1.1.0 Planet Planet 1.2.0 Planet Planet 1.2.1 Planet Planet 1.2.2 Planet Planet 1.2.3 Planet Planet 1.2.4 Planet Planet 1.3.0 Planet Planet 1.3.1 Planet Planet 1.3.2 Planet Planet 1.4.0 Planet Planet 1.4.1 Planet Planet 1.4.2 Planet Planet 1.4.3 Planet Planet 1.4.4 Planet Planet 1.4.5 Planet Planet 1.4.6 Planet Planet 1.4.7 Planet Planet 1.4.8 Planet Planet 1.4.9 Planet Planet 1.4.10 Planet Planet 1.5.0 Planet Planet 1.5.1 Planet Planet 1.5.2 Planet Planet 2.0.0	42

Summary

Vulnerable Configurations

References