Vulnerabilities > Siemens > Polarion ALM

DATE CVE VULNERABILITY TITLE RISK
2024-02-13 CVE-2023-50236 Incorrect Default Permissions vulnerability in Siemens Polarion ALM 21.0/2304.0
A vulnerability has been identified in Polarion ALM (All versions < V2404.0).
local
low complexity
siemens CWE-276
7.8
7.8
2024-02-13 CVE-2024-23813 Improper Authentication vulnerability in Siemens Polarion ALM 21.0/2304.0
A vulnerability has been identified in Polarion ALM (All versions < V2404.0).
network
low complexity
siemens CWE-287
critical
 9.8
9.8
2023-04-11 CVE-2023-28828 XXE vulnerability in Siemens Polarion ALM 21.0
A vulnerability has been identified in Polarion ALM (All versions < V22R2).
network
high complexity
siemens CWE-611
5.9
5.9
2022-12-13 CVE-2022-46265 Injection vulnerability in Siemens Polarion ALM 21.0
A vulnerability has been identified in Polarion ALM (All versions < V2304.0).
network
low complexity
siemens CWE-74
5.4
5.4
2022-03-08 CVE-2021-44478 Cross-site Scripting vulnerability in Siemens Polarion ALM and Polarion Subversion Webclient
A vulnerability has been identified in Polarion ALM (All versions < V21 R2 P2), Polarion WebClient for SVN (All versions).
network
low complexity
siemens CWE-79
6.1
6.1