CVE-2023-30945

CVSS V2 None CVSS V3 None

Description

Multiple Services such as VHS(Video History Server) and VCD(Video Clip Distributor) and Clips2 were discovered to be vulnerable to an unauthenticated arbitrary file read/write vulnerability due to missing input validation on filenames. A malicious attacker could read sensitive files from the filesystem or write/delete arbitrary files on the filesystem as well.

Overview

CVE ID
CVE-2023-30945

Assigner
Palantir

Vulnerability Status
PUBLISHED

Published Version
2023-06-26T23:00:08.676Z

Last Modified Date
2023-06-26T23:00:08.676Z

Weakness Enumerations

CWE	URL
CWE-287	http://cwe.mitre.org/data/definitions/287.html
CWE-22	http://cwe.mitre.org/data/definitions/22.html

References

Reference URL	Reference Tags
https://palantir.safebase.us/?tcuUid=e62e4dad-b39b-48ba-ba30-7b7c83406ad9

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-30945
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30945

History

Created	Old Value	New Value	Data Type	Notes
2024-06-25 17:30:40				Added to TrackCVE