CVE-2023-22833

MEDIUM Year: 2023
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-304
View all →

Vulnerability Description

Palantir Foundry deployments running Lime2 versions between 2.519.0 and 2.532.0 were vulnerable a bug that allowed authenticated users within a Foundry organization to bypass discretionary or mandatory access controls under certain circumstances.

Related Vulnerabilities

CVE-2021-41179

MEDIUM
CVSS:6.5(Medium)

Nextcloud is an open-source, self-hosted productivity platform. Prior to Nextcloud Server versions 20.0.13, 21.0.5, and 22.2.0, the Two-Factor Authentication wasn't enforced for pages marked as public...

CWE-3042021

CVE-2023-3628

MEDIUM
CVSS:6.5(Medium)

A flaw was found in Infinispan's REST. Bulk read endpoints do not properly evaluate user permissions for the operation. This issue could allow an authenticated user to access information outside of th...

CWE-3042023

CVE-2023-3629

MEDIUM
CVSS:6.5(Medium)

A flaw was found in Infinispan's REST, Cache retrieval endpoints do not properly evaluate the necessary admin permissions for the operation. This issue could allow an authenticated user to access info...

CWE-3042023

CVE-2025-43014

MEDIUM
CVSS:6.5(Medium)

In JetBrains Toolbox App before 2.6 the SSH plugin established connections without sufficient user confirmation

CWE-3042025

CVE-2023-52424

HIGH
CVSS:7.4(High)

The IEEE 802.11 standard sometimes enables an adversary to trick a victim into connecting to an unintended or untrusted network with Home WEP, Home WPA3 SAE-loop. Enterprise 802.1X/EAP, Mesh AMPE, or ...

CWE-3042023

CVE-2024-20153

HIGH
CVSS:7.5(High)

In wlan STA, there is a possible way to trick a client to connect to an AP with spoofed SSID. This could lead to remote information disclosure with no additional execution privileges needed. User inte...

CWE-3042024