all InfoSec news
SSA-871717 V1.0: Multiple Vulnerabilities in Polarion ALM
Siemens ProductCERT Security Advisories cert-portal.siemens.com
Polarion ALM is affected by incorrect default path permissions in installation path, and improper authentication in the REST API endpoints of DOORS connector. An attacker could exploit the vulnerabilities for unauthenticated access, or privilege escalation.
Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available.
access api api endpoints attacker authentication connector countermeasures default endpoints escalation exploit fix fixes installation path permissions privilege privilege escalation products rest rest api siemens ssa unauthenticated vulnerabilities