CVE-2023-30961

Summary

Palantir Gotham was found to be vulnerable to a bug where under certain circumstances, the frontend could have applied an incorrect classification to a newly created property or link.

Affected Software

VendorProductVersion RangeStatus
Palantircom.palantir.acme:gotham-fe-bundle* < 100.30230706.22affected
Palantircom.palantir.acme:gotham-fe-bundle100.30230702.0 < *affected
Palantircom.palantir.acme:gotham-fe-bundle* < 100.30230702.24affected
Palantircom.palantir.acme:gotham-fe-bundle* < 100.30230704.15affected
Palantircom.palantir.acme:titanium-browser-app-bundle100.30230706.20affected

Weaknesses

  • CWE-710: The product does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References