What is CVE-2022-27890?

CVE-2022-27890 is a vulnerability in the sls-logging component of Palantir Atlasdb that allows a malicious attacker in a privileged network position to perform a man-in-the-middle attack.

How severe is CVE-2022-27890?

CVE-2022-27890 has a severity rating of 7.4, which is considered high.

How does CVE-2022-27890 work?

CVE-2022-27890 occurs due to a misuse of the javax.net.ssl.SSLSocketFactory API, which leads to the sls-logging component not verifying hostnames in TLS certificates.

What is the affected software for CVE-2022-27890?

The affected software for CVE-2022-27890 is Palantir Atlasdb up to version 0.730.0.

Is there a fix for CVE-2022-27890?

Yes, you should update Palantir Atlasdb to a version beyond 0.730.0 to fix CVE-2022-27890.

Vulnerability/
CVE-2022-27890

high

7.4

CWE

295 297

16/2/2023

18/3/2025

CVE-2022-27890

First published: Thu Feb 16 2023(Updated: )

It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service. In the case of AtlasDB, the vulnerability was mitigated by other network controls such as two-way TLS when deployed as part of a Palantir platform. Palantir still recommends upgrading to a non-vulnerable version out of an abundance of caution.

Credit: cve-coordination@palantir.com

Affected Software	Affected Version	How to fix
Palantir AtlasDB	<0.730.0

Never miss a vulnerability like this again

Reference Links

https://github.com/palantir/security-bulletins/blob/main/PLTRSEC-2022-15.md

Frequently Asked Questions

What is CVE-2022-27890?
CVE-2022-27890 is a vulnerability in the sls-logging component of Palantir Atlasdb that allows a malicious attacker in a privileged network position to perform a man-in-the-middle attack.
How severe is CVE-2022-27890?
CVE-2022-27890 has a severity rating of 7.4, which is considered high.
How does CVE-2022-27890 work?
CVE-2022-27890 occurs due to a misuse of the javax.net.ssl.SSLSocketFactory API, which leads to the sls-logging component not verifying hostnames in TLS certificates.
What is the affected software for CVE-2022-27890?
The affected software for CVE-2022-27890 is Palantir Atlasdb up to version 0.730.0.
Is there a fix for CVE-2022-27890?
Yes, you should update Palantir Atlasdb to a version beyond 0.730.0 to fix CVE-2022-27890.

agent/weakness
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/references
agent/severity
agent/author
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/palantir
canonical/palantir atlasdb

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.