{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-30945", "assignerOrgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4", "state": "PUBLISHED", "assignerShortName": "Palantir", "dateReserved": "2023-04-21T10:39:02.384Z", "datePublished": "2023-06-26T23:00:08.676Z", "dateUpdated": "2024-12-05T14:30:12.082Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4", "shortName": "Palantir", "dateUpdated": "2023-06-26T23:00:08.676Z"}, "title": "CVE-2023-30945 ", "affected": [{"vendor": "Palantir", "product": "com.palantir.gotham:clips2", "versions": [{"version": "*", "versionType": "semver", "lessThan": "0.111.2", "status": "affected"}]}, {"vendor": "Palantir", "product": "com.palantir.video:video-history-server", "versions": [{"version": "*", "versionType": "semver", "lessThan": "2.210.3", "status": "affected"}]}, {"vendor": "Palantir", "product": "com.palantir.video:video-clip-distributor", "versions": [{"version": "*", "versionType": "semver", "lessThan": "0.24.10", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "Multiple services, including VHS (Video History Server), VCD (Video Clip Distributor) and Clips2, were discovered to be vulnerable to unauthenticated arbitrary file read/write due to missing input validation on filenames. A malicious attacker could read sensitive files from the filesystem, and could also write or delete arbitrary files on the filesystem."}], "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "An attacker gains access to an application, service, or device with the privileges of an authorized or privileged user by evading or circumventing an authentication mechanism. 
The attacker is therefore able to access protected data without authentication ever having taken place."}]}, {"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "An adversary uses path manipulation methods to exploit insufficient input validation of a target to obtain access to data that should not be retrievable by ordinary well-formed requests. A typical variety of this attack involves specifying a path to a desired file together with dot-dot-slash characters, resulting in the file access API or function traversing out of the intended directory structure and into the root file system. By replacing or modifying the expected path information the access function or API retrieves the file desired by the attacker. These attacks either involve the attacker providing a complete path to a targeted file or using control characters (e.g. path separators (/ or \\) and/or dots (.)) to reach desired directories or files."}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-22", "description": "The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.", "lang": "en", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/CR:M", "baseSeverity": "CRITICAL", "baseScore": 9.8}, "format": "CVSS"}], "references": [{"url": "https://palantir.safebase.us/?tcuUid=e62e4dad-b39b-48ba-ba30-7b7c83406ad9"}], "source": {"discovery": "INTERNAL", "defect": ["PLTRSEC-2023-18"]}}, "adp": [{"providerMetadata": 
{"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:37:15.582Z"}, "title": "CVE Program Container", "references": [{"url": "https://palantir.safebase.us/?tcuUid=e62e4dad-b39b-48ba-ba30-7b7c83406ad9", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-12-05T14:30:00.403117Z", "id": "CVE-2023-30945", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-05T14:30:12.082Z"}}]}}