CVE-2023-30970 (GCVE-0-2023-30970)
Vulnerability from cvelistv5
Published
2024-01-29 18:27
Modified
2025-05-29 15:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-36 - The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as "/abs/path" that can resolve to a location that is outside of that directory.
Summary
Gotham Table service and Forward App were found to be vulnerable to a Path traversal issue allowing an authenticated user to read arbitrary files on the file system.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palantir | com.palantir.gotham:blackbird-witchcraft |
Version: * ≤ Version: * ≤ Version: * ≤ Version: * ≤ Version: * ≤ Version: * ≤ Version: * ≤ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:45:24.413Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://palantir.safebase.us/?tcuUid=69be99ef-ad24-4339-9017-c8bf70789c72"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30970",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T15:50:41.629289Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-29T15:08:34.104Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "com.palantir.gotham:blackbird-witchcraft",
"vendor": "Palantir",
"versions": [
{
"lessThan": "104.30231002.10",
"status": "affected",
"version": "*",
"versionType": "semver"
},
{
"lessThan": "104.30231001.8",
"status": "affected",
"version": "*",
"versionType": "semver"
},
{
"lessThan": "104.30230807.59",
"status": "affected",
"version": "*",
"versionType": "semver"
},
{
"lessThan": "104.30230908.21",
"status": "affected",
"version": "*",
"versionType": "semver"
},
{
"lessThan": "103.30230304.433",
"status": "affected",
"version": "*",
"versionType": "semver"
},
{
"lessThan": "104.30230604.81",
"status": "affected",
"version": "*",
"versionType": "semver"
},
{
"lessThan": "104.30231003.9",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Gotham Table service and Forward App were found to be vulnerable to a Path traversal issue allowing an authenticated user to read arbitrary files on the file system.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-597",
"descriptions": [
{
"lang": "en",
"value": "An adversary with access to file system resources, either directly or via application logic, will use various file absolute paths and navigation mechanisms such as \"..\" to extend their range of access to inappropriate areas of the file system. The goal of the adversary is to access directories and files that are intended to be restricted from their access."
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-36",
"description": "The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as \"/abs/path\" that can resolve to a location that is outside of that directory.",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-29T18:27:26.850Z",
"orgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4",
"shortName": "Palantir"
},
"references": [
{
"url": "https://palantir.safebase.us/?tcuUid=69be99ef-ad24-4339-9017-c8bf70789c72"
}
],
"source": {
"defect": [
"PLTRSEC-2023-37"
],
"discovery": "INTERNAL"
},
"title": "Gotham table and Forward App Path traversal"
}
},
"cveMetadata": {
"assignerOrgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4",
"assignerShortName": "Palantir",
"cveId": "CVE-2023-30970",
"datePublished": "2024-01-29T18:27:26.850Z",
"dateReserved": "2023-04-21T11:42:33.501Z",
"dateUpdated": "2025-05-29T15:08:34.104Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://palantir.safebase.us/?tcuUid=69be99ef-ad24-4339-9017-c8bf70789c72\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T14:45:24.413Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-30970\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-08T15:50:41.629289Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-08T15:50:43.171Z\"}}], \"cna\": {\"title\": \"Gotham table and Forward App Path traversal\", \"source\": {\"defect\": [\"PLTRSEC-2023-37\"], \"discovery\": \"INTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-597\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"An adversary with access to file system resources, either directly or via application logic, will use various file absolute paths and navigation mechanisms such as \\\"..\\\" to extend their range of access to inappropriate areas of the file system. The goal of the adversary is to access directories and files that are intended to be restricted from their access.\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\"}}], \"affected\": [{\"vendor\": \"Palantir\", \"product\": \"com.palantir.gotham:blackbird-witchcraft\", \"versions\": [{\"status\": \"affected\", \"version\": \"*\", \"lessThan\": \"104.30231002.10\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"*\", \"lessThan\": \"104.30231001.8\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"*\", \"lessThan\": \"104.30230807.59\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"*\", \"lessThan\": \"104.30230908.21\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"*\", \"lessThan\": \"103.30230304.433\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"*\", \"lessThan\": \"104.30230604.81\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"*\", \"lessThan\": \"104.30231003.9\", \"versionType\": \"semver\"}]}], \"references\": [{\"url\": \"https://palantir.safebase.us/?tcuUid=69be99ef-ad24-4339-9017-c8bf70789c72\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Gotham Table service and Forward App were found to be vulnerable to a Path traversal issue allowing an authenticated user to read arbitrary files on the file system.\\n\\n\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-36\", \"description\": \"The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as \\\"/abs/path\\\" that can resolve to a location that is outside of that directory.\"}]}], \"providerMetadata\": {\"orgId\": \"bbcbe11d-db20-4bc2-8a6e-c79f87041fd4\", \"shortName\": \"Palantir\", \"dateUpdated\": \"2024-01-29T18:27:26.850Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-30970\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-29T15:08:34.104Z\", \"dateReserved\": \"2023-04-21T11:42:33.501Z\", \"assignerOrgId\": \"bbcbe11d-db20-4bc2-8a6e-c79f87041fd4\", \"datePublished\": \"2024-01-29T18:27:26.850Z\", \"assignerShortName\": \"Palantir\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…