CVEs (2)
Remediations
- In Polarion Windows installation, restrict permissions of BUILTIN\Users from accessing the entire Polarion installation folders to prevent data corruption. Please refer to the Additional Information section for further details.
- Polarion installations in Linux are not impacted. Hence no actions are required.
- Update to V2404.0 or later version
- If DOORS connector is not used in the environment, it is advised to limit unauthenticated access within the Apache configuration. For further details, please refer to the Additional Information section.
- If DOORS connector is used in the environment, restrict access to DOORS connector endpoint to the IP address of the DOORS instance with which Polarion synchronizes its data, which can be done in two ways: - Firewall rules set by network administrator (preferred and safest method). - Configure Apache using guidelines https://httpd.apache.org/docs/2.4/howto/access.html For further details, please refer to the Additional Information section.
Affected Vendors
Siemens
Affected Products (1)
Siemens
·
Polarion ALM
<V2404.0
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more