Siemens Polarion_alm

9 CVEs affecting Siemens Polarion_alm. Latest disclosed: 2025-05-13. Critical: 0, High: 2.

Top CVEs affecting Siemens Polarion_alm
CVESeverityScorePublishedSummary
CVE-2023-50236High7.82024-02-13A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The affected product is vulnerable due to weak file and folder permissions in the…
CVE-2024-23813High7.32024-02-13A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The REST API endpoints of doorsconnector of the affected product lacks proper aut…
CVE-2024-51446Medium6.52025-05-13A vulnerability has been identified in Polarion V2310 (All versions), Polarion V2404 (All versions < V2404.4). The file upload feature of the affected applicat…
CVE-2024-51445Medium6.52025-05-13A vulnerability has been identified in Polarion V2310 (All versions), Polarion V2404 (All versions < V2404.4). The affected application contains a XML External…
CVE-2024-51444Medium6.52025-05-13A vulnerability has been identified in Polarion V2310 (All versions), Polarion V2404 (All versions < V2404.4). The application insufficiently validates user in…
CVE-2021-44478Medium6.12022-03-08A vulnerability has been identified in Polarion ALM (All versions < V21 R2 P2), Polarion WebClient for SVN (All versions). A cross-site scripting is present du…
CVE-2023-28828Medium5.92023-04-11A vulnerability has been identified in Polarion ALM (All versions < V22R2). The application contains a XML External Entity Injection (XXE) vulnerability. This…
CVE-2022-46265Medium5.42022-12-13A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The affected application contains a Host header injection vulnerability that coul…
CVE-2024-51447Medium5.32025-05-13A vulnerability has been identified in Polarion V2310 (All versions), Polarion V2404 (All versions < V2404.2). The login implementation of the affected applica…