CVE Vulnerabilities

CVE-2024-23813

Improper Authentication

Published: Feb 13, 2024 | Modified: Feb 13, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

A vulnerability has been identified in Polarion ALM (All versions). The REST API endpoints of doorsconnector of the affected product lacks proper authentication. An unauthenticated attacker could access the endpoints, and potentially execute code.

Weakness

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Potential Mitigations

References