Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-50236

A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The affected product is vulnerable due to weak file and folder permissions in the installation path. An attacker with local access could exploit this vulnerability to escalate privileges to NT AUTHORITY\SYSTEM.

Published

2024-02-13T09:15:46.633

Last Modified

2024-11-21T08:36:43.500

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Primary
CWE-276

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	siemens	polarion_alm	< 2404.0	Yes

References

https://cert-portal.siemens.com/productcert/html/ssa-871717.html Vendor Advisory ([email protected])
https://cert-portal.siemens.com/productcert/html/ssa-871717.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)