Multiple Vulnerabilities in Polarion ALM
Plan Patch · Score 7.8 · SSA-871717 · Feb 13, 2024
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary
Polarion ALM contains two vulnerabilities: incorrect default path permissions in the installation directory and improper authentication in REST API endpoints for the DOORS connector. An attacker could exploit these for unauthenticated access or privilege escalation.
What this means
What could happen
An attacker with local access to the Polarion ALM server could gain unauthorized administrative access or escalate privileges, potentially compromising project data, requirements management, and traceability across engineering workflows.
Who's at risk
Development and engineering teams using Polarion ALM for requirements management, project planning, and traceability. This includes aerospace, automotive, industrial automation, and any organization using Polarion for document control and change management.
How it could be exploited
An attacker with local access to the Polarion ALM installation directory could leverage incorrect file permissions to modify application files or read sensitive configuration. Alternatively, an attacker could call unauthenticated REST API endpoints in the DOORS connector to bypass authentication checks and access or modify requirements data remotely.
Prerequisites
- Local access to the Polarion ALM server filesystem, OR network access to REST API endpoints (port typically 8080 or 7001)
- Polarion ALM version prior to 2404.0
Tags: locally exploitable · no authentication required on REST API · low complexity · affects engineering data integrity · default configuration is unsafe
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product        Affected Versions   Fix Status
Polarion ALM   < V2404.0           2404.0
Remediation & Mitigation
Do now
HARDENING: Review and correct file system permissions on the Polarion ALM installation directory to restrict access to authorized administrators only
HARDENING: Verify that REST API endpoints are accessible only from trusted networks; implement firewall rules to restrict access to the Polarion ALM API ports
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update Polarion ALM to version 2404.0 or later
HARDENING: Audit Polarion ALM authentication logs and user access to identify any unauthorized access attempts before applying the update
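The first hardening step above, a permissions review of the installation directory, can be scripted. This is an added example, not part of the advisory or of Siemens' own tooling; the installation path is an assumed placeholder, and the check flags any file or directory that a non-owner local user could write to (the class of weakness the advisory describes).

```shell
#!/usr/bin/env bash
# Permission audit for a Polarion ALM installation directory.
# Assumption: POLARION_HOME points at the install root (placeholder path).
POLARION_HOME="${POLARION_HOME:-/opt/polarion}"

# List every regular entry under $1 that has the group-write or other-write
# bit set (-perm /022), printing "<mode> <owner> <path>". Symlinks are skipped
# because their own mode bits are meaningless.
audit_perms() {
    find "$1" ! -type l -perm /022 2>/dev/null | sort | while IFS= read -r p; do
        ls -ld "$p" | awk -v path="$p" '{ print $1, $3, path }'
    done
}

# Return the number of weak entries so the result can be checked in a script.
count_weak() {
    find "$1" ! -type l -perm /022 2>/dev/null | wc -l | tr -d ' '
}

# Remediation: strip group/other write bits from every weak entry.
# Ownership is left untouched; review the audit output before running this.
fix_perms() {
    find "$1" ! -type l -perm /022 -exec chmod go-w {} + 2>/dev/null
}

# Example run against the placeholder path:
#   audit_perms "$POLARION_HOME"
#   echo "weak entries: $(count_weak "$POLARION_HOME")"
```

Run the audit as root or as the Polarion service account so that find can traverse the whole tree; after fixing, re-run `count_weak` and expect 0.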
CVEs (2)