CVE-2023-30946

CVSS V2 None CVSS V3 None

Description

A security defect was identified in Foundry Issues. If a user was added to an issue on a resource that they did not have access to and consequently could not see, they could query Foundry's Notification API and receive metadata about the issue including the RID of the issue, severity, internal UUID of the author, and the user-defined title of the issue.

Overview

CVE ID
CVE-2023-30946

Assigner
Palantir

Vulnerability Status
PUBLISHED

Published Version
2023-06-29T18:49:23.694Z

Last Modified Date
2023-06-29T18:49:23.694Z

Weakness Enumerations

CWE	URL
CWE-420	http://cwe.mitre.org/data/definitions/420.html
CWE-288	http://cwe.mitre.org/data/definitions/288.html

References

Reference URL	Reference Tags
https://palantir.safebase.us/?tcuUid=4cf0b6e6-564a-467b-83ae-36fec3a491c3

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-30946
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30946

History

Created	Old Value	New Value	Data Type	Notes
2024-06-25 17:03:28				Added to TrackCVE