CVE-2022-48308

MEDIUM

Palantir sls-logging - SSL/TLS Man-in-the-Middle

Title source: llm

Description

It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service.

References (1)

Core 1

Core References

Vendor Advisory

https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-14.md

View Writeup ZIP pw:eip

Scores

CVSS v3 6.3

EPSS 0.0019

EPSS Percentile 8.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-295 CWE-297

Status published

Products (1)

palantir/sls-logging < 9.51.0

Published Feb 16, 2023

Tracked Since Feb 18, 2026