SSA-162255 — Vulnetix

SSA-162255 PUBLISHED CVSS 5.300000190734863 MEDIUM

Polarion before V2410 contains multiple vulnerabilities that could allow attackers to extract data, conduct cross-site scripting attacks or find out valid usernames. Siemens strongly recommends to update Polarion to V2410 or later versions, not only to fix the documented vulnerabilities, but also to benefit from all the other improvements and fixes. For Polarion V2404 patch releases can be applied.

Risk Scores

CVSS 3.1

5.300000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products

Vendor	Product	Versions
	Polarion V2404
	Polarion V2310

Exploit Intelligence

https://cert-portal.siemens.com/productcert/html/ssa-162255.html (circl)
https://cert-portal.siemens.com/productcert/csaf/ssa-162255.json (circl)
https://support.sw.siemens.com/product/230235217/ (circl)

Timeline

May 13, 2025 CVE Published

References

https://cert-portal.siemens.com/productcert/html/ssa-162255.html advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-162255.json advisory
https://support.sw.siemens.com/product/230235217/ fix

Open in Interactive Console →