A security defect was identified in Foundry workspace-server that enabled a user to bypass an authorization check and view settings related to 'Developer Mode'. This enabled users with insufficient privilege the ability to view and interact with Developer Mode settings in a limited capacity. A fix was deployed with workspace-server 7.7.0.
References
Link | Resource |
---|---|
https://palantir.safebase.us/?tcuUid=0c3f6c33-4eb0-48b5-ab87-fe48c46a4170 | Vendor Advisory |
Configurations
History
07 Jul 2023, 16:52
Type | Values Removed | Values Added |
---|---|---|
First Time |
Palantir
Palantir foundry Workspace-server |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
CWE | CWE-863 | |
CPE | cpe:2.3:a:palantir:foundry_workspace-server:*:*:*:*:*:*:*:* | |
References | (MISC) https://palantir.safebase.us/?tcuUid=0c3f6c33-4eb0-48b5-ab87-fe48c46a4170 - Vendor Advisory |
29 Jun 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-29 19:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-30955
Mitre link : CVE-2023-30955
CVE.ORG link : CVE-2023-30955
JSON object : View
Products Affected
palantir
- foundry_workspace-server