Overview
- Description
- A security defect was identified that enabled a user of Foundry Issues to perform a Denial of Service attack by submitting malformed data in an Issue that caused loss of frontend functionality to all issue participants. This defect was resolved with the release of Foundry Issues 2.510.0 and Foundry Frontend 6.228.0.
- Source
- cve-coordination@palantir.com
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.7
- Impact score
- 4
- Exploitability score
- 3.1
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
- Severity
- HIGH
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
- cve-coordination@palantir.com
- CWE-20
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:palantir:foundry_frontend:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B2BF858-2C37-4778-B132-E4A9DADBCFD6",
"versionEndExcluding": "6.228.0"
},
{
"criteria": "cpe:2.3:a:palantir:foundry_issues:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9980734-2C13-41CD-A88A-D1EFCEDC73BD",
"versionEndExcluding": "2.510.0"
}
],
"operator": "OR"
}
]
}
]