Siemens Polarion ALM
Score: 6.5 · Source: ICS-CERT ICSA-22-069-08 · Published: Mar 8, 2022
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
Polarion ALM contains a cross-site scripting (XSS) vulnerability in the Subversion Webclient that can be triggered when an administrator clicks a crafted link. The vulnerability allows an attacker to execute arbitrary JavaScript in the context of an admin's browser session. Siemens has released a patch for Polarion ALM but has not provided a fix for the legacy Polarion WebClient for SVN product.
What this means
What could happen
An attacker could craft a malicious link that, when clicked by an administrator, executes arbitrary JavaScript in the context of their Polarion ALM session, potentially allowing access to sensitive project data or administrative functions.
Who's at risk
Organizations using Siemens Polarion ALM for application lifecycle management and Subversion code repository access. This primarily affects engineering teams and project administrators who use the Polarion Subversion Webclient for managing product designs and configurations in industrial projects.
How it could be exploited
An attacker sends a crafted link (via email, chat, or web) containing JavaScript code to a Polarion ALM administrator. When the admin clicks the link while logged into Polarion's Subversion Webclient, the JavaScript executes in their browser, running with the admin's privileges and session context.
Prerequisites
- The victim must hold an administrator account in Polarion ALM; the attacker needs no account (Auth Required: None)
- The administrator must click the crafted link while logged into the Polarion Subversion Webclient
- No network or mail filtering that prevents the link from reaching the administrator
Tags: Remotely exploitable · Requires user interaction (click) · Low attack complexity · Administrator victim required
Exploitability
Low exploit probability (EPSS 0.5%)
Affected products (2): 1 with fix, 1 EOL
Product | Affected Versions | Fix Status
Polarion WebClient for SVN | All versions | No fix (EOL)
Polarion ALM | < V21 R2 P2 | Fixed in V21 R2 P2
Remediation & Mitigation
Do now
HARDENING: Train users and administrators not to click links from untrusted sources while logged into the Polarion Subversion Webclient.
Schedule (requires maintenance window)
Applying the update may require a restart of the Polarion ALM installation; plan for the service interruption.
Polarion ALM
HOTFIX: Update Polarion ALM to V21 R2 P2 or later.
Mitigations (no patch available)
Polarion WebClient for SVN has reached End of Life and the vendor will not release a patch. Apply the following compensating control:
HARDENING: Segment network access to the Polarion WebClient for SVN and Polarion ALM, and restrict external connectivity as appropriate for your operational environment, so that a crafted link from outside cannot reach the Webclient from an administrator's browser.
CVEs (1)