CVE-2023-30951

Summary

The Foundry Magritte plugin rest-source was found to be vulnerable to an an XML external Entity attack (XXE).

Affected Software

VendorProductVersion RangeStatus
Palantircom.palantir.magritte:magritte-rest-source-bundle* < 7.210.0affected

Weaknesses

  • CWE-611: The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References