CVE-2025-2140

🗓️ 12 Oct 2025 13:33:22Reported by ibmType

Authenticated network user could spoof email sender in Doors Next versions 7.0.2, 7.0.3, 7.1 due to improper source data verification.

Reporter	Title	Published	Views	Family All 11
IBM Security Bulletins	Security Bulletin: IBM Engineering Requirements Management DOORS Next is vulnerable to Broken Access Control for reviews (CVE-2025-2139) and comments (CVE-2025-2138), email spoofing (CVE-2025-2140) and DoS attacks (CVE-2025-33096)	29 Oct 202522:18	–	ibm
Circl	CVE-2025-2140	12 Oct 202514:15	–	circl
CNNVD	IBM Engineering Requirements Management DOORS Next 访问控制错误漏洞	12 Oct 202500:00	–	cnnvd
Cvelist	CVE-2025-2140 IBM Engineering Requirements Management Doors Next spoofing	12 Oct 202513:33	–	cvelist
EUVD	EUVD-2025-33896	12 Oct 202515:30	–	euvd
Tenable Nessus	IBM Engineering Requirements Management DOORS Next Multiple Vulnerabilities (7247716)	17 Oct 202500:00	–	nessus
NVD	CVE-2025-2140	12 Oct 202514:15	–	nvd
OSV	CVE-2025-2140	12 Oct 202514:15	–	osv
Positive Technologies	PT-2025-41722	12 Oct 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-2140	13 Oct 202514:21	–	redhatcve

NVD

Vulners

Node

ibm engineering_requirements_management_doors_nextMatch7.0.2

ibm engineering_requirements_management_doors_nextMatch7.0.3

ibm engineering_requirements_management_doors_nextMatch7.1

AND

ibm aixMatch-

linux linux_kernelMatch-

microsoft windowsMatch-

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.0.2:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.0.3:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.1:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Engineering Requirements Management Doors Next",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.0.2"
      },
      {
        "status": "affected",
        "version": "7.0.3"
      },
      {
        "status": "affected",
        "version": "7.1"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7247716

16 Oct 2025 14:32Current

6.1Medium risk

Vulners AI Score6.1

CVSS 3.15.7

EPSS0.00008

SSVC

CWE-346