Palantir: Security Vulnerabilities
Gotham Table service and Forward App were found to be vulnerable to a Path traversal issue allowing an authenticated user to read arbitrary files on the file system.
CVSS Score: 6.5
EPSS Score: 0.002
Published: 2024-01-29
The Gotham video-application-server service contained a race condition which would cause it to not apply certain ACLs to new videos if the source system had not yet initialized.
CVSS Score: 2.7
EPSS Score: 0.001
Published: 2023-11-15
Gotham Orbital-Simulator service prior to 0.692.0 was found to be vulnerable to a Path traversal issue allowing an unauthenticated user to read arbitrary files on the file system.
CVSS Score: 9.8
EPSS Score: 0.004
Published: 2023-10-26
The Palantir Tiles1 service was found to be vulnerable to an API-wide issue where the service was not performing authentication/authorization on all the endpoints.
CVSS Score: 8.2
EPSS Score: 0.002
Published: 2023-10-26
Palantir Gotham was found to be vulnerable to a bug where under certain circumstances, the frontend could have applied an incorrect classification to a newly created property or link.
CVSS Score: 6.5
EPSS Score: 0.003
Published: 2023-09-27
In Apollo change requests, comments added by users could contain a JavaScript URI link that, when rendered, results in an XSS that requires user interaction.
CVSS Score: 4.1
EPSS Score: 0.002
Published: 2023-09-27
The Gotham Cerberus service was found to have a stored cross-site scripting (XSS) vulnerability that could have allowed an attacker with access to Gotham to launch attacks against other users. This vulnerability is resolved in Cerberus 100.230704.0-27-g031dd58.
CVSS Score: 6.8
EPSS Score: 0.005
Published: 2023-09-12
A security defect was discovered in Foundry Issues that enabled users to create convincing phishing links by editing the request sent when creating an Issue. This defect was resolved in Frontend release 6.228.0.
CVSS Score: 5.0
EPSS Score: 0.003
Published: 2023-08-03
The Foundry campaigns service was found to be vulnerable to an unauthenticated information disclosure in a REST endpoint.
CVSS Score: 6.5
EPSS Score: 0.001
Published: 2023-08-03
The Foundry Magritte plugin rest-source was found to be vulnerable to an XML External Entity (XXE) attack.
CVSS Score: 6.3
EPSS Score: 0.001
Published: 2023-08-03