github - ghsa-h994-99h2-49qc

GHSA-H994-99H2-49QC

Vulnerability from github – Published: 2024-01-29 21:30 – Updated: 2024-01-29 21:30

Details

Gotham Table service and Forward App were found to be vulnerable to a Path traversal issue allowing an authenticated user to read arbitrary files on the file system.

Severity ?

6.5 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-30970"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-36"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-29T19:15:08Z",
    "severity": "MODERATE"
  },
  "details": "Gotham Table service and Forward App were found to be vulnerable to a Path traversal issue allowing an authenticated user to read arbitrary files on the file system.\n\n",
  "id": "GHSA-h994-99h2-49qc",
  "modified": "2024-01-29T21:30:27Z",
  "published": "2024-01-29T21:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30970"
    },
    {
      "type": "WEB",
      "url": "https://palantir.safebase.us/?tcuUid=69be99ef-ad24-4339-9017-c8bf70789c72"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2023-30970 (GCVE-0-2023-30970)

Vulnerability from cvelistv5 – Published: 2024-01-29 18:27 – Updated: 2025-05-29 15:08

Summary

Gotham Table service and Forward App were found to be vulnerable to a Path traversal issue allowing an authenticated user to read arbitrary files on the file system.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-36 - The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as "/abs/path" that can resolve to a location that is outside of that directory.

Assigner

Palantir

References

URL

Tags

https://palantir.safebase.us/?tcuUid=69be99ef-ad2…

Impacted products

	Vendor	Product	Version
	Palantir	com.palantir.gotham:blackbird-witchcraft	Affected: * , < 104.30231002.10 (semver) Affected: * , < 104.30231001.8 (semver) Affected: * , < 104.30230807.59 (semver) Affected: * , < 104.30230908.21 (semver) Affected: * , < 103.30230304.433 (semver) Affected: * , < 104.30230604.81 (semver) Affected: * , < 104.30231003.9 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T14:45:24.413Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://palantir.safebase.us/?tcuUid=69be99ef-ad24-4339-9017-c8bf70789c72"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-30970",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-08T15:50:41.629289Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-29T15:08:34.104Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "com.palantir.gotham:blackbird-witchcraft",
          "vendor": "Palantir",
          "versions": [
            {
              "lessThan": "104.30231002.10",
              "status": "affected",
              "version": "*",
              "versionType": "semver"
            },
            {
              "lessThan": "104.30231001.8",
              "status": "affected",
              "version": "*",
              "versionType": "semver"
            },
            {
              "lessThan": "104.30230807.59",
              "status": "affected",
              "version": "*",
              "versionType": "semver"
            },
            {
              "lessThan": "104.30230908.21",
              "status": "affected",
              "version": "*",
              "versionType": "semver"
            },
            {
              "lessThan": "103.30230304.433",
              "status": "affected",
              "version": "*",
              "versionType": "semver"
            },
            {
              "lessThan": "104.30230604.81",
              "status": "affected",
              "version": "*",
              "versionType": "semver"
            },
            {
              "lessThan": "104.30231003.9",
              "status": "affected",
              "version": "*",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Gotham Table service and Forward App were found to be vulnerable to a Path traversal issue allowing an authenticated user to read arbitrary files on the file system.\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-597",
          "descriptions": [
            {
              "lang": "en",
              "value": "An adversary with access to file system resources, either directly or via application logic, will use various file absolute paths and navigation mechanisms such as \"..\" to extend their range of access to inappropriate areas of the file system. The goal of the adversary is to access directories and files that are intended to be restricted from their access."
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-36",
              "description": "The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as \"/abs/path\" that can resolve to a location that is outside of that directory.",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-29T18:27:26.850Z",
        "orgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4",
        "shortName": "Palantir"
      },
      "references": [
        {
          "url": "https://palantir.safebase.us/?tcuUid=69be99ef-ad24-4339-9017-c8bf70789c72"
        }
      ],
      "source": {
        "defect": [
          "PLTRSEC-2023-37"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Gotham table and Forward App Path traversal"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4",
    "assignerShortName": "Palantir",
    "cveId": "CVE-2023-30970",
    "datePublished": "2024-01-29T18:27:26.850Z",
    "dateReserved": "2023-04-21T11:42:33.501Z",
    "dateUpdated": "2025-05-29T15:08:34.104Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-H994-99H2-49QC

CVE-2023-30970 (GCVE-0-2023-30970)

Tags

Sightings

Nomenclature