Vulnerability Database

309,364

Total vulnerabilities in the database

CVE-2024-51444

A vulnerability has been identified in Polarion V2310 (All versions), Polarion V2404 (All versions < V2404.4). The application insufficiently validates user input for database read queries. This could allow an authenticated remote attacker to conduct an SQL injection attack that bypasses authorization controls and allows to download any data from the application's database.

Published: May 13, 2025
Updated: Nov 16, 2025
CVE: CVE-2024-51444
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
siemens / polarion_alm	2404.0	2404.4
siemens / polarion_alm	2310.0	2310.0.x

https://cert-portal.siemens.com/productcert/html/ssa-162255.html

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo