A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The affected application contains a Host header injection vulnerability that could allow an attacker to spoof a Host header information and redirect users to malicious websites.
References
Link | Resource |
---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-792594.pdf | Mitigation Vendor Advisory |
https://cert-portal.siemens.com/productcert/pdf/ssa-792594.pdf | Mitigation Vendor Advisory |
Configurations
History
21 Nov 2024, 07:30
Type | Values Removed | Values Added |
---|---|---|
References | () https://cert-portal.siemens.com/productcert/pdf/ssa-792594.pdf - Mitigation, Vendor Advisory |
16 May 2023, 10:51
Type | Values Removed | Values Added |
---|---|---|
Summary | A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The affected application contains a Host header injection vulnerability that could allow an attacker to spoof a Host header information and redirect users to malicious websites. | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
15 Dec 2022, 20:36
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-12-13 16:15
Updated : 2024-11-21 07:30
NVD link : CVE-2022-46265
Mitre link : CVE-2022-46265
CVE.ORG link : CVE-2022-46265
JSON object : View
Products Affected
siemens
- polarion_alm
CWE
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')