Com.Palantir.Controlpanel
Approved changes feed: RSS · Atom
cpe:2.3:a:palantir:com.palantir.controlpanel:control-panel:*:*:*:*:*:*:*:*
part: a version: control-panel update: *
| Vendor | Palantir (bb329e3d-18af-5273-8fa1-03aa6516a02f) |
|---|---|
| Product | Com.Palantir.Controlpanel (c42578d3-33d2-5d06-bd71-9f01c0730f68) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-64400 |
not_vulnerable | 2026-06-03 15:09:37.858387 |
Insufficient permission checks when pre-enrolling users Summary
MEDIUM (4.1)
Control Panel provides an API for pre-registering into an enrollment and organization prior to a user's first login. The API for creating users checks that the account requesting a user creation has `edit` on the enrollment-level user directory, but is missing a separate check that the enrollment editor has access (or belongs to) the organization that they are adding a user to.
Published: 2025-12-18T19:32:30.241Z
Updated: 2025-12-18T19:48:40.936Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.