Com.Palantir.Aries
Approved changes feed: RSS · Atom
cpe:2.3:a:palantir:com.palantir.aries:aries:*:*:*:*:*:*:*:*
part: a version: aries update: *
| Vendor | Palantir (bb329e3d-18af-5273-8fa1-03aa6516a02f) |
|---|---|
| Product | Com.Palantir.Aries (7e694415-02d3-5af3-a3cf-eefa216fc144) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-68609 |
not_vulnerable | 2026-06-03 15:11:03.590035 |
Authentication bypass in Aries due to misconfiguration
MEDIUM (6.6)
A vulnerability in Palantir's Aries service allowed unauthenticated access to log viewing and management functionality on Apollo instances using default configuration. The defect resulted in both authentication and authorization checks being bypassed, potentially allowing any network-accessible client to view system logs and perform operations without valid credentials. No evidence of exploitation was identified during the vulnerability window.
Published: 2026-01-22T19:06:05.914Z
Updated: 2026-01-22T19:33:36.287Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.