CVE-2023-50236

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 13, 2024

Updated: May 15, 2024

CWE ID 276

Summary

CVE-2023-50236 is a vulnerability affecting Polarion ALM (all versions below V2404.0). The issue arises due to weak file and folder permissions within the installation path. This weakness allows a local attacker to escalate privileges, granting them the NT AUTHORITY\\SYSTEM level access. This vulnerability poses a significant risk, and it is recommended that affected organizations apply the necessary patches or updates to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tslUM_
https://www.cve.org/CVERecord?id=CVE-2023-50236
https://nvd.nist.gov/vuln/detail/CVE-2023-50236

Back to Vulnerability Database

CVE-2023-50236

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations