CVE-2023-28949

CVE-2023-28949 affects IBM Engineering Requirements Management DOORS/DOORS Web Access 9.7.2.7. The issue is a cross-site request forgery that could allow an attacker to perform malicious actions transmitted from a trusted user. The IBM bulletin confirms the vulnerability and directs upgrading to ...

CVE-2023-28949 IBM Engineering Requirements Management cross-site request forgery

IBM Engineering Requirements Management DOORS 9.7.2.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 251216...

CVE-2023-50305

CVE-2023-50305 affects IBM Engineering Requirements Management DOORS family (DOORS 9.7.2.7; DOORS Web Access 9.7.2.7; Rational DOORS/DOORS Web Access 9.6.1.x). According to the IBM bulletin, the issue is a design/logic flaw where users by default do not have strong passwords, enabling easier comp...

CVE-2023-28525

CVE-2023-28525 affects IBM Engineering Requirements Management DOORS/DOORS Web Access 9.7.2.7 with a cross-site scripting vulnerability in the Web UI that could allow an attacker to embed arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. IBM recommends ...

PT-2024-2054 · Ibm · Ibm Engineering Requirements Management Doors

Name of the Vulnerable Software and Affected Versions: IBM Engineering Requirements Management DOORS version 9.7.2.7 Description: The issue is related to weak password requirements, making it easier for attackers to compromise user accounts. This weakness can be exploited to gain unauthorized...

PT-2024-2055 · Ibm · Ibm Engineering Requirements Management Doors

Name of the Vulnerable Software and Affected Versions: IBM Engineering Requirements Management DOORS version 9.7.2.7 Description: The issue is related to cross-site request forgery, which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the websit...