CVE-2023-30951
CVE-2023-30951

6.3MEDIUM

Key Information:

Vendor: Palantir
Status: Com.palantir.magritte:magritte-rest-source-bundle
Vendor: CVE Published:; 3 August 2023

What is CVE-2023-30951?

The Foundry Magritte plugin rest-source was found to be vulnerable to an an XML external Entity attack (XXE).

Affected Version(s)

com.palantir.magritte:magritte-rest-source-bundle * < 7.210.0

References

https://palantir.safebase.us/?tcuUid=fe021f28-9e25-42c4-a...

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Aug 3, 2023
Vulnerability Reserved
Apr 21, 2023

.