CVE-2023-22834
The contour service was not checking that users had permission to create an analysis for a given dataset
The Contour Service was not checking that users had permission to create an analysis for a given dataset. This could allow an attacker to clutter up Compass folders with extraneous analyses, that the attacker would otherwise not have permission to create.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/AR:L
Productos afectados
Palantir · com.palantir.contour:contour-dispatch¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →