all InfoSec news
SSA-925850 V1.0: Improper Access Control in Polarion ALM
May 14, 2024, midnight |
Siemens ProductCERT Security Advisories cert-portal.siemens.com
The Apache Lucene based query engine in Polarion ALM lacks proper access controls. This could allow an authenticated user to query items beyond the user’s allowed projects.
Siemens has released a new version for Polarion ALM and recommends to update to the latest version.
access access control access controls apache beyond control controls engine latest projects query siemens ssa update version
More from cert-portal.siemens.com / Siemens ProductCERT Security Advisories
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC