cbcvebase.
CVE-2024-33647
published 2024-05-14

CVE-2024-33647: A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The Apache Lucene based query engine in the affected application lacks proper…

PriorityP337medium6.5CVSS 3.1
AVNACLPRLUINSUCHINAN
EPSS
0.42%
33.9th percentile
A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The Apache Lucene based query engine in the affected application lacks proper access controls. This could allow an authenticated user to query items beyond the user's allowed projects.

Affected

1 ranges
VendorProductVersion rangeFixed in
siemenspolarion_alm< V2404.0V2404.0
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.