CVE-2023-30970 - Vulnerability Details - OpenCVE

Description

Gotham Table service and Forward App were found to be vulnerable to a Path traversal issue allowing an authenticated user to read arbitrary files on the file system.

Published: 2024-01-29

Score: 6.5 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Palantir

com.palantir.gotham:blackbird-witchcraft

affected

Version	Status	Constraints
`*`	affected	< 104.30231002.10
`*`	affected	< 104.30231001.8
`*`	affected	< 104.30230807.59
`*`	affected	< 104.30230908.21
`*`	affected	< 103.30230304.433
`*`	affected	< 104.30230604.81
`*`	affected	< 104.30231003.9

Configuration 1 [-]

cpe:2.3:a:palantir:gotham_blackbird-witchcraft:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:palantir:gotham_blackbird-witchcraft:*:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:a:palantir:gotham_blackbird-witchcraft:*:*:*:*:*:*:*:*

Configuration 4 [-]

cpe:2.3:a:palantir:gotham_blackbird-witchcraft:*:*:*:*:*:*:*:*

Configuration 5 [-]

cpe:2.3:a:palantir:gotham_blackbird-witchcraft:*:*:*:*:*:*:*:*

Configuration 6 [-]

cpe:2.3:a:palantir:gotham_blackbird-witchcraft:*:*:*:*:*:*:*:*

Configuration 7 [-]

cpe:2.3:a:palantir:gotham_blackbird-witchcraft:*:*:*:*:*:*:*:*

Configuration 8 [-]

cpe:2.3:a:palantir:gotham_static-assets-servlet:*:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2023-35308	Gotham Table service and Forward App were found to be vulnerable to a Path traversal issue allowing an authenticated user to read arbitrary files on the file system.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00117.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://palantir.safebase.us/?tcuUid=69be99ef-ad24-4339-9017-c8bf70789c72

History

Thu, 29 May 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Subscriptions

Palantir Gotham Blackbird-witchcraft Gotham Static-assets-servlet

MITRE

Status: PUBLISHED

Assigner: Palantir

Published: 2024-01-29T18:27:26.850Z

Updated: 2025-05-29T15:08:34.104Z

Reserved: 2023-04-21T11:42:33.501Z

Link: CVE-2023-30970

Vulnrichment

Updated: 2024-08-02T14:45:24.413Z

NVD

Status : Modified

Published: 2024-01-29T19:15:08.313

Modified: 2024-11-21T08:01:11.030

Link: CVE-2023-30970

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-30970", "assignerOrgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4", "state": "PUBLISHED", "assignerShortName": "Palantir", "dateReserved": "2023-04-21T11:42:33.501Z", "datePublished": "2024-01-29T18:27:26.850Z", "dateUpdated": "2025-05-29T15:08:34.104Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4", "shortName": "Palantir", "dateUpdated": "2024-01-29T18:27:26.850Z"}, "title": "Gotham table and Forward App Path traversal", "affected": [{"vendor": "Palantir", "product": "com.palantir.gotham:blackbird-witchcraft", "versions": [{"version": "*", "versionType": "semver", "lessThan": "104.30231002.10", "status": "affected"}, {"version": "*", "versionType": "semver", "lessThan": "104.30231001.8", "status": "affected"}, {"version": "*", "versionType": "semver", "lessThan": "104.30230807.59", "status": "affected"}, {"version": "*", "versionType": "semver", "lessThan": "104.30230908.21", "status": "affected"}, {"version": "*", "versionType": "semver", "lessThan": "103.30230304.433", "status": "affected"}, {"version": "*", "versionType": "semver", "lessThan": "104.30230604.81", "status": "affected"}, {"version": "*", "versionType": "semver", "lessThan": "104.30231003.9", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "Gotham Table service and Forward App were found to be vulnerable to a Path traversal issue allowing an authenticated user to read arbitrary files on the file system.\n\n"}], "impacts": [{"capecId": "CAPEC-597", "descriptions": [{"lang": "en", "value": "An adversary with access to file system resources, either directly or via application logic, will use various file absolute paths and navigation mechanisms such as \"..\" to extend their range of access to inappropriate areas of the file system. The goal of the adversary is to access directories and files that are intended to be restricted from their access."}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-36", "description": "The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as \"/abs/path\" that can resolve to a location that is outside of that directory.", "lang": "en", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseSeverity": "MEDIUM", "baseScore": 6.5}, "format": "CVSS"}], "references": [{"url": "https://palantir.safebase.us/?tcuUid=69be99ef-ad24-4339-9017-c8bf70789c72"}], "source": {"discovery": "INTERNAL", "defect": ["PLTRSEC-2023-37"]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:45:24.413Z"}, "title": "CVE Program Container", "references": [{"url": "https://palantir.safebase.us/?tcuUid=69be99ef-ad24-4339-9017-c8bf70789c72", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-08T15:50:41.629289Z", "id": "CVE-2023-30970", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-29T15:08:34.104Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://palantir.safebase.us/?tcuUid=69be99ef-ad24-4339-9017-c8bf70789c72", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:45:24.413Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-30970", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-08T15:50:41.629289Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-08T15:50:43.171Z"}}], "cna": {"title": "Gotham table and Forward App Path traversal", "source": {"defect": ["PLTRSEC-2023-37"], "discovery": "INTERNAL"}, "impacts": [{"capecId": "CAPEC-597", "descriptions": [{"lang": "en", "value": "An adversary with access to file system resources, either directly or via application logic, will use various file absolute paths and navigation mechanisms such as \"..\" to extend their range of access to inappropriate areas of the file system. The goal of the adversary is to access directories and files that are intended to be restricted from their access."}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}}], "affected": [{"vendor": "Palantir", "product": "com.palantir.gotham:blackbird-witchcraft", "versions": [{"status": "affected", "version": "*", "lessThan": "104.30231002.10", "versionType": "semver"}, {"status": "affected", "version": "*", "lessThan": "104.30231001.8", "versionType": "semver"}, {"status": "affected", "version": "*", "lessThan": "104.30230807.59", "versionType": "semver"}, {"status": "affected", "version": "*", "lessThan": "104.30230908.21", "versionType": "semver"}, {"status": "affected", "version": "*", "lessThan": "103.30230304.433", "versionType": "semver"}, {"status": "affected", "version": "*", "lessThan": "104.30230604.81", "versionType": "semver"}, {"status": "affected", "version": "*", "lessThan": "104.30231003.9", "versionType": "semver"}]}], "references": [{"url": "https://palantir.safebase.us/?tcuUid=69be99ef-ad24-4339-9017-c8bf70789c72"}], "descriptions": [{"lang": "en", "value": "Gotham Table service and Forward App were found to be vulnerable to a Path traversal issue allowing an authenticated user to read arbitrary files on the file system.\n\n"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-36", "description": "The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize absolute path sequences such as \"/abs/path\" that can resolve to a location that is outside of that directory."}]}], "providerMetadata": {"orgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4", "shortName": "Palantir", "dateUpdated": "2024-01-29T18:27:26.850Z"}}}, "cveMetadata": {"cveId": "CVE-2023-30970", "state": "PUBLISHED", "dateUpdated": "2025-05-29T15:08:34.104Z", "dateReserved": "2023-04-21T11:42:33.501Z", "assignerOrgId": "bbcbe11d-db20-4bc2-8a6e-c79f87041fd4", "datePublished": "2024-01-29T18:27:26.850Z", "assignerShortName": "Palantir"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:palantir:gotham_blackbird-witchcraft:*:*:*:*:*:*:*:*", "matchCriteriaId": "50B7044B-00B7-4A28-ADCE-AFFA5B303766", "versionEndExcluding": "104.30231001.8", "versionStartIncluding": "10.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:palantir:gotham_blackbird-witchcraft:*:*:*:*:*:*:*:*", "matchCriteriaId": "6BA4F7ED-82F6-4AF9-9BA1-BB20AB7F5A39", "versionEndExcluding": "104.30231002.10", "versionStartIncluding": "10.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:palantir:gotham_blackbird-witchcraft:*:*:*:*:*:*:*:*", "matchCriteriaId": "234D94C3-A062-41DF-B956-23EDE90C9401", "versionEndExcluding": "104.30231003.9", "versionStartIncluding": "10.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:palantir:gotham_blackbird-witchcraft:*:*:*:*:*:*:*:*", "matchCriteriaId": "64959061-0319-4B34-A08E-061B4C19AF8A", "versionEndExcluding": "104.30230908.21", "versionStartIncluding": "9.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:palantir:gotham_blackbird-witchcraft:*:*:*:*:*:*:*:*", "matchCriteriaId": "B753237D-3F64-4CDA-BAD9-47A2B14A5350", "versionEndExcluding": "104.30230807.59", "versionStartIncluding": "8.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:palantir:gotham_blackbird-witchcraft:*:*:*:*:*:*:*:*", "matchCriteriaId": "244B84F3-98EC-49E4-8E8F-EDA0559699AE", "versionEndExcluding": "104.30230604.81", "versionStartIncluding": "6.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:palantir:gotham_blackbird-witchcraft:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BBB67F-5942-4663-8D9B-E4D12F2A9BAC", "versionEndExcluding": "103.30230304.433", "versionStartIncluding": "3.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:palantir:gotham_static-assets-servlet:*:*:*:*:*:*:*:*", "matchCriteriaId": "5CE97A8F-89B8-49BE-9D1D-65C4B3286D44", "versionEndExcluding": "1.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Gotham Table service and Forward App were found to be vulnerable to a Path traversal issue allowing an authenticated user to read arbitrary files on the file system.\n\n"}, {"lang": "es", "value": "Se descubri\u00f3 que el servicio Gotham Table y Forward App eran vulnerables a un problema de path traversal que permit\u00eda a un usuario autenticado leer archivos arbitrarios en el sistema de archivos."}], "id": "CVE-2023-30970", "lastModified": "2024-11-21T08:01:11.030", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "cve-coordination@palantir.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-01-29T19:15:08.313", "references": [{"source": "cve-coordination@palantir.com", "tags": ["Vendor Advisory"], "url": "https://palantir.safebase.us/?tcuUid=69be99ef-ad24-4339-9017-c8bf70789c72"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://palantir.safebase.us/?tcuUid=69be99ef-ad24-4339-9017-c8bf70789c72"}], "sourceIdentifier": "cve-coordination@palantir.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-36"}], "source": "cve-coordination@palantir.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}