The vulnerability in the web interface of the software requirement management tool during the development of IBM Engineering Requirements Management DOORS allows a perpetrator to gain unauthorized access to protected information or affect the accessibility of that information.

🗓️ 07 Aug 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

The DOORS web interface vulnerability allows unauthorized access or disruption via improper extensible markup language link restrictions.

Reporter	Title	Published	Views	Family All 12
IBM Security Bulletins	Security Bulletin: IBM Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.9	15 Apr 202502:49	–	ibm
Circl	CVE-2023-50304	18 Jul 202419:18	–	circl
CNNVD	IBM Engineering Requirements Management DOORS Web Access 代码问题漏洞	18 Jul 202400:00	–	cnnvd
CNVD	IBM Engineering Requirements Management DOORS Web Access XML External Entity Injection Vulnerability	22 Jul 202400:00	–	cnvd
CVE	CVE-2023-50304	18 Jul 202416:01	–	cve
Cvelist	CVE-2023-50304 IBM Engineering Requirements Management DOORS XML external entity injection	18 Jul 202416:01	–	cvelist
EUVD	EUVD-2023-55109	3 Oct 202520:07	–	euvd
NVD	CVE-2023-50304	18 Jul 202416:15	–	nvd
OSV	CVE-2023-50304	18 Jul 202416:15	–	osv
Positive Technologies	PT-2024-5370 · Ibm · Ibm Engineering Requirements Management Doors Web Access	17 Jul 202400:00	–	ptsecurity

Vulners

Node

ibm ibm_engineering_requirements_management_doors_web_accessMatch9.7.2.8

Source	Link
ibm	www.ibm.com/support/pages/node/7160471
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/273335
vuldb	www.vuldb.com/
web	www.web.nvd.nist.gov/view/vuln/detail

07 Aug 2024 00:00Current

7.7High risk

Vulners AI Score7.7

CVSS 37.1

CVSS 27.5

EPSS0.00614

engineering requirements tool web interface extensible markup language unauthorized access security vulnerability