CVE-2024-49589

Foundry Artifacts was found to be vulnerable to a Denial Of Service attack due to disk being potentially filled up based on an user supplied argument (size).

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://palantir.safebase.us/?tcuUid=ad6b08b1-2f79-4e32-b125-406dd2b9b1c3

Configurations

No configuration.

History

18 Feb 2025, 19:15

Type	Values Removed	Values Added
CWE	~~CWE-862~~	CWE-770
Summary	(en) Restricted Views backed objects (OSV1) could be bypassed under specific circumstances due to a software bug, this could have allowed users that didn't have permission to see such objects to view them via Object Explorer directly. This software bug did not impact or otherwise make data available across organizational boundaries nor did it allow for data to be viewed or accessed by unauthenticated users. The affected service have been patched and automatically deployed to all Apollo-managed Foundry instances.	(en) Foundry Artifacts was found to be vulnerable to a Denial Of Service attack due to disk being potentially filled up based on an user supplied argument (size).
References	~~{'url': 'https://palantir.safebase.us/?tcuUid=b60db1ee-4b1a-475d-848e-c5a670a0da16', 'source': 'cve-coordination@palantir.com'}~~	() https://palantir.safebase.us/?tcuUid=ad6b08b1-2f79-4e32-b125-406dd2b9b1c3 -

18 Feb 2025, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-02-18 18:15

Updated : 2025-02-18 19:15

NVD link : CVE-2024-49589

Mitre link : CVE-2024-49589

CVE.ORG link : CVE-2024-49589

JSON object : View

Products Affected

No product.

CWE

CWE-770

Allocation of Resources Without Limits or Throttling

6.5 /10