CVE-2024-22043

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Feb 13, 2024

CWE ID 476

Summary

CVE-2024-23813 is a newly discovered vulnerability affecting Polarion ALM versions below V2404.0. The issue lies with the doorsconnector REST API endpoints, which lack adequate authentication. As a result, an unauthenticated attacker can gain access to these endpoints and potentially execute malicious code. This weakness poses a significant risk, emphasizing the importance of promptly upgrading to a secure version of Polarion ALM.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uBqJb8
https://www.cve.org/CVERecord?id=CVE-2024-22043
https://nvd.nist.gov/vuln/detail/CVE-2024-22043

Back to Vulnerability Database

CVE-2024-22043

CVSS 3.1 Score 3.3 of 10 (low)

Details

Summary

Advisories, Assessments, and Mitigations