A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The Apache Lucene based query engine in the affected application lacks proper access controls. This could allow an authenticated user to query items beyond the user's allowed projects.
References
Configurations
No configuration.
History
21 Nov 2024, 09:17
Type | Values Removed | Values Added |
---|---|---|
References | () https://cert-portal.siemens.com/productcert/html/ssa-925850.html - | |
Summary |
|
14 May 2024, 16:17
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-05-14 16:17
Updated : 2024-11-21 09:17
NVD link : CVE-2024-33647
Mitre link : CVE-2024-33647
CVE.ORG link : CVE-2024-33647
JSON object : View
Products Affected
No product.
CWE
CWE-284
Improper Access Control