OTPulse

Multiple Vulnerabilities in Polarion Before V2410

Monitor | CVSS 6.5 | SSA-162255 | May 13, 2025
Attack Vector: Network
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary

Polarion before V2410 contains multiple vulnerabilities including SQL injection (CWE-89), XML external entity injection (CWE-611), cross-site scripting (CWE-79), and information disclosure (CWE-204) that could allow attackers to extract data, conduct cross-site scripting attacks, or enumerate valid usernames.

What this means
What could happen
An attacker with valid credentials could extract sensitive project data, inject malicious scripts, or discover valid system usernames. These vulnerabilities do not directly affect plant operations but could compromise confidentiality of engineering data and enable subsequent attacks against operational systems.
Who's at risk
This affects organizations using Polarion for project management and requirements tracking, particularly those in engineering and manufacturing sectors that integrate Polarion with operational technology systems or store safety-critical engineering data. Water utilities and electric utilities using Polarion for SCADA design documentation or operational procedures are at risk.
How it could be exploited
An attacker with login credentials accesses Polarion through the web interface and injects SQL commands in input fields, sends specially crafted XML payloads to trigger external entity injection, or submits JavaScript payloads that execute in other users' browsers. The attacker could extract data from the database, access external files on the server, or harvest information from other authenticated users.
Prerequisites
  • Valid Polarion user account credentials
  • Network access to the Polarion web application (typically port 443 or 8443)
  • User must authenticate to the application before exploitation
  • Requires valid authentication
  • Network-reachable application
  • Low complexity exploitation
  • Affects confidentiality of engineering documentation
  • No fix available for V2310 (end-of-life)
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (3)
2 with fix, 1 EOL
Product          Affected Versions   Fix Status
Polarion V2404   < V2404.4           2404.4
Polarion V2404   < V2404.2           2404.2
Polarion V2310   All versions        No fix (EOL)
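The affected-products table is the part of this advisory a defender acts on: which release line an installed build belongs to, whether it sits below the listed fix level, and whether a fix exists at all. The following Python helper is an added example, not OTPulse or Siemens tooling; it transcribes the three table rows and classifies an installed build against them. The version-string format ("V2404.4": four-digit release plus patch level) is an assumption about how Polarion reports its build, as is the rule that the highest fix level listed for a release line satisfies every row for that line.

```python
"""Triage an installed Polarion build against the advisory's affected-version table.

Added example, not vendor code. Assumes Polarion version strings look like
'V2404.4' (release, then optional patch level); anything else is rejected.
"""
import re

# Rows transcribed from the advisory table: (product, affected versions, fix status).
ADVISORY_ROWS = [
    ("Polarion V2404", "< V2404.4", "2404.4"),
    ("Polarion V2404", "< V2404.2", "2404.2"),
    ("Polarion V2310", "All versions", "No fix (EOL)"),
]

_VERSION_RE = re.compile(r"V?(\d{4})(?:\.(\d+))?")


def parse_version(text):
    """'V2404.4' -> (2404, 4); 'V2310' -> (2310, 0). Raises on unknown formats."""
    m = _VERSION_RE.fullmatch(text.strip())
    if not m:
        raise ValueError(f"unrecognised Polarion version string: {text!r}")
    return int(m.group(1)), int(m.group(2) or 0)


def _release_line(product):
    """Release line (e.g. 2404) named in a product cell such as 'Polarion V2404'."""
    return parse_version(product.split()[-1])[0]


def triage(installed):
    """Classify an installed build.

    Returns (affected, required_fix, note):
      affected      True if the build falls inside any affected range
      required_fix  fix level string to reach, or None (no fix / not affected)
      note          human-readable explanation
    """
    inst = parse_version(installed)
    listed_lines = {_release_line(p) for p, _, _ in ADVISORY_ROWS}
    fixes_needed = []

    for product, affected, fix in ADVISORY_ROWS:
        if _release_line(product) != inst[0]:
            continue  # row describes a different release line
        if affected == "All versions":
            # Whole line is affected and end-of-life: nothing to patch to.
            return True, None, f"{product}: {fix}; migrate to V2410 or later"
        bound = parse_version(re.fullmatch(r"<\s*(\S+)", affected).group(1))
        if inst < bound:  # tuple comparison: release first, then patch level
            fixes_needed.append(fix)

    if fixes_needed:
        # The highest fix level closes every row that still applies (assumption).
        target = max(fixes_needed, key=parse_version)
        return True, target, f"update to {target} or later"
    if inst[0] in listed_lines:
        return False, None, "at or above the fixed level for this release line"
    return False, None, "release line not in the advisory table; check the advisory directly"


if __name__ == "__main__":
    for build in ("V2404.1", "V2404.3", "V2404.4", "V2310.2", "V2410"):
        affected, fix, note = triage(build)
        print(f"{build:10} affected={affected!s:5} fix={fix} ({note})")
```

Running the module prints one line per sample build; the interesting case is V2404.3, which is already past the 2404.2 row but still below 2404.4, so it is reported as affected with 2404.4 as the target.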
Remediation & Mitigation
Do now
HARDENING: Restrict network access to the Polarion web application to authorized engineering workstations and offices using firewall rules
HARDENING: Review and enforce strong password policies and multi-factor authentication for all Polarion user accounts
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

Polarion V2404
HOTFIX: Update Polarion V2404 installations to version 2404.4 or later
HOTFIX: Update Polarion V2404 installations to version 2404.2 or later (minimum patch level)
Polarion V2310
HOTFIX: Migrate Polarion V2310 installations to V2410 or later (V2310 is end-of-life and will not receive patches)