cvedb.io
CVE-2024-51444
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2025-05-13T10:15:21.340 · Last modified 2026-06-17T08:05:43.367

Summary

A vulnerability has been identified in Polarion V2310 (All versions), Polarion V2404 (All versions < V2404.4). The application insufficiently validates user input for database read queries. This could allow an authenticated remote attacker to conduct an SQL injection attack that bypasses authorization controls and allows to download any data from the application's database.

Affected products

siemens — polarion_alm

Does this affect you?

Add your gear to cvedb and we'll alert you only when siemens ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.