Filtered by vendor Palantir
Subscriptions
Filtered by product Control Panel
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-64400 | 1 Palantir | 1 Control Panel | 2025-12-19 | 4.1 Medium |
| Control Panel provides an API for pre-registering into an enrollment and organization prior to a user's first login. The API for creating users checks that the account requesting a user creation has `edit` on the enrollment-level user directory, but is missing a separate check that the enrollment editor has access (or belongs to) the organization that they are adding a user to. | ||||
Page 1 of 1.