Assigner | siemens |
Reserved | 2024-01-22 |
Published | 2024-02-13 |
Updated | 2024-05-15 |
Description
A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The REST API endpoints of doorsconnector of the affected product lacks proper authentication. An unauthenticated attacker could access the endpoints, and potentially execute code.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C |
Problem types
CWE-287: Improper Authentication
Product status
Any version before V2404.0
References
https://cert-portal.siemens.com/productcert/html/ssa-871717.html