Siemens Polarion Alm
6 CVEs affecting Siemens Polarion Alm. Latest disclosed: 2024-05-14. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-50236 | High | 7.8 | 2024-02-13 | A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The affected product is vulnerable due to weak file and folder permissions in the… |
CVE-2024-23813 | High | 7.3 | 2024-02-13 | A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The REST API endpoints of doorsconnector of the affected product lacks proper aut… |
CVE-2024-33647 | Medium | 6.5 | 2024-05-14 | A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The Apache Lucene based query engine in the affected application lacks proper acc… |
CVE-2021-44478 | Medium | 6.1 | 2022-03-08 | A vulnerability has been identified in Polarion ALM (All versions < V21 R2 P2), Polarion WebClient for SVN (All versions). A cross-site scripting is present du… |
CVE-2023-28828 | Medium | 5.9 | 2023-04-11 | A vulnerability has been identified in Polarion ALM (All versions < V22R2). The application contains a XML External Entity Injection (XXE) vulnerability. This… |
CVE-2022-46265 | Medium | 5.4 | 2022-12-13 | A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The affected application contains a Host header injection vulnerability that coul… |