Lucene search
HistoryFeb 13, 2024 - 9:15 a.m.
CVE-2023-50236
vulnerability
polarion alm
weak permissions
nt authority\system
escalation
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The affected product is vulnerable due to weak file and folder permissions in the installation path. An attacker with local access could exploit this vulnerability to escalate privileges to NT AUTHORITY\SYSTEM.
Related
cnvd
cnvd
Siemens Polarion ALM Faulty Default Privilege Vulnerability
2024-02-21 00:00:00
prion
prion
Design/Logic Flaw
2024-02-13 09:15:00
cve
cve
CVE-2023-50236
2024-02-13 09:15:46
cvelist
cvelist
CVE-2023-50236
2024-02-13 09:00:02
ics
ics
Siemens Polarion ALM
2024-02-15 12:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
9.0%
Related for NVD:CVE-2023-50236