CVE-2023-30951
CVE-2023-30951

6.3MEDIUM

Key Information:

Vendor

Palantir

Status
Com.palantir.magritte:magritte-rest-source-bundle
Vendor
CVE Published:
3 August 2023

What is CVE-2023-30951?

The Foundry Magritte plugin rest-source was found to be vulnerable to an an XML external Entity attack (XXE).

Affected Version(s)

com.palantir.magritte:magritte-rest-source-bundle * < 7.210.0

References

https://palantir.safebase.us/?tcuUid=fe021f28-9e25-42c4-a...

CVSS V3.1

Score:
6.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.