A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The affected product is vulnerable due to weak file and folder permissions in the installation path. An attacker with local access could exploit this vulnerability to escalate privileges to NT AUTHORITY\SYSTEM.
References
| Link | Resource |
|---|---|
| https://cert-portal.siemens.com/productcert/html/ssa-871717.html | Vendor Advisory |
Configurations
History
18 Oct 2024, 17:20
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:siemens:polarion_alm:*:*:*:*:*:*:*:* | |
| First Time |
Siemens
Siemens polarion Alm |
|
| References | () https://cert-portal.siemens.com/productcert/html/ssa-871717.html - Vendor Advisory |
15 May 2024, 08:15
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | (en) A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The affected product is vulnerable due to weak file and folder permissions in the installation path. An attacker with local access could exploit this vulnerability to escalate privileges to NT AUTHORITY\SYSTEM. |
14 May 2024, 16:15
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | (en) A vulnerability has been identified in Polarion ALM (All versions < V2024.0). The affected product is vulnerable due to weak file and folder permissions in the installation path. An attacker with local access could exploit this vulnerability to escalate privileges to NT AUTHORITY\SYSTEM. |
13 Feb 2024, 09:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-02-13 09:15
Updated : 2024-10-18 17:20
NVD link : CVE-2023-50236
Mitre link : CVE-2023-50236
CVE.ORG link : CVE-2023-50236
JSON object : View
Products Affected
siemens
- polarion_alm
CWE
CWE-276
Incorrect Default Permissions