CVE-2023-30954 : Exploit Details and Defense Strategies

This article covers CVE-2023-30954, a broken authentication vulnerability in Palantir's Gotham video-application-server: its impact, affected systems, exploitation, and mitigation steps.

Understanding CVE-2023-30954

Gotham Video Broken Authentication is a vulnerability in Palantir's video-application-server: a race condition causes certain ACLs not to be applied to new videos if the source system has not initialized.

What is CVE-2023-30954?

The Gotham video-application-server service contained a race condition that would cause it to not apply certain ACLs to new videos if the source system had not yet initialized.

The Impact of CVE-2023-30954

The vulnerability can be exploited by attackers to access functionality not properly constrained by ACLs, potentially compromising sensitive information and the entire application.

Technical Details of CVE-2023-30954

Vulnerability Description

The Gotham video-application-server vulnerability arises from a race condition preventing the application of certain ACLs on new videos.
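A simplified model of this class of bug, added here as an illustration; it is not Palantir's code, and every class, function and value in it is hypothetical. It contrasts a creation path that skips the ACL step when the source system is not yet initialized with one that refuses to create the record, and adds an audit helper for records created during that window.

```python
import threading

class SourceSystem:
    """Hypothetical source system whose ACLs load asynchronously at startup."""
    def __init__(self, name):
        self.name = name
        self.ready = threading.Event()
        self.default_acl = None          # unknown until initialization finishes

    def finish_init(self, acl):
        self.default_acl = frozenset(acl)
        self.ready.set()

class NotReady(Exception):
    pass

def create_video_fail_open(store, source, video_id):
    # Flawed pattern: if the source has not initialized, the ACL step is
    # silently skipped and the video is stored with no restriction.
    acl = source.default_acl if source.ready.is_set() else None
    store[video_id] = {"source": source.name, "acl": acl}

def create_video_fail_closed(store, source, video_id, timeout=0.0):
    # Hardened pattern: wait for initialization, and refuse to create the
    # video rather than store it without an ACL.
    if not source.ready.wait(timeout):
        raise NotReady(f"{source.name} not initialized; refusing {video_id}")
    store[video_id] = {"source": source.name, "acl": source.default_acl}

def can_view(store, video_id, group):
    acl = store[video_id]["acl"]
    # Deny when no ACL was recorded, so a missed ACL cannot grant access.
    return acl is not None and group in acl

def videos_missing_acl(store):
    # Post-upgrade audit: records created during the window need re-checking.
    return sorted(v for v, rec in store.items() if rec["acl"] is None)

def demo():
    store, src = {}, SourceSystem("feed-a")       # constructed sample data
    create_video_fail_open(store, src, "vid-1")   # created before init
    try:
        create_video_fail_closed(store, src, "vid-2")
        refused = False
    except NotReady:
        refused = True
    src.finish_init({"analysts"})
    create_video_fail_closed(store, src, "vid-3")
    return refused, videos_missing_acl(store), can_view(store, "vid-3", "analysts")
```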

Affected Systems and Versions

The affected product is 'com.palantir.video:video-application-server', in versions earlier than '2.206.1'.

Exploitation Mechanism

Attackers can exploit this issue to access resources at a higher privilege level, management sections of the application, or run queries for data they are not supposed to access.

Mitigation and Prevention

Immediate Steps to Take

Palantir users should upgrade their Gotham video-application-server to version 2.206.1 or higher to mitigate the vulnerability.

Long-Term Security Practices

Implement strict ACL configurations and regularly update and patch systems to prevent similar authorization vulnerabilities.

Patching and Updates

Regularly monitor security advisories from Palantir and apply patches promptly to secure systems.
