13 matches found
CVE-2023-50305
CVE-2023-50305 affects IBM Engineering Requirements Management DOORS family (DOORS 9.7.2.7; DOORS Web Access 9.7.2.7; Rational DOORS/DOORS Web Access 9.6.1.x). According to the IBM bulletin, the issue is a design/logic flaw where users by default do not have strong passwords, enabling easier comp...
CVE-2023-28949
CVE-2023-28949 affects IBM Engineering Requirements Management DOORS/DOORS Web Access 9.7.2.7. The issue is a cross-site request forgery that could allow an attacker to perform malicious actions transmitted from a trusted user. The IBM bulletin confirms the vulnerability and directs upgrading to ...
CVE-2023-28525
CVE-2023-28525 affects IBM Engineering Requirements Management DOORS/DOORS Web Access 9.7.2.7 with a cross-site scripting vulnerability in the Web UI that could allow an attacker to embed arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. IBM recommends ...
CVE-2018-1457
Summary of CVE-2018-1457 (IBM Rational DOORS) : A vulnerability in IBM Rational DOORS 9.5.1 through 9.6.1.10 could allow an attacker to gain DOORS administrator privileges. The publicly documented details in the IBM bulletin specify affected products/components as Rational DOORS desktop client an...
CVE-2017-1545
IBM Doors Web Access (Rational DOORS) versions 9.5 and 9.6 are affected by a vulnerability where an attacker with physical access can log into the application using previously stored credentials. The issue affects Rational DOORS Desktop Client, Web Access, and interoperation server across 9.5.0.0...
CVE-2017-1515
CVE-2017-1515 — IBM DOORS Web Access information disclosure . Affected: Rational DOORS 9.5.x and 9.6.x (Rational DOORS Web Access). Description: an authenticated user could obtain sensitive information from HTTP internal server error responses due to the vulnerability in DOORS Web Access. Root ca...
CVE-2017-1540
CVE-2017-1540 concerns IBM Doors Web Access. Multiple connected documents confirm a cross-site scripting vulnerability affecting Rational DOORS Web Access versions 9.5 and 9.6, enabling injection of arbitrary JavaScript into the Web UI and potentially leading to credentials disclosure within a tr...
CVE-2017-1516
Summary (CVE-2017-1516) IBM Doors Web Access (versions 9.5.x and 9.6.x) is vulnerable to a clickjacking-style issue where a remote attacker lures a victim to a malicious site and hijacks the user’s click actions, potentially enabling further attacks. Affected components include Rational DOORS Web...
CVE-2023-50304
CVE-2023-50304 affects IBM Engineering Requirements Management DOORS Web Access 9.7.2.8, where an XML External Entity (XXE) vulnerability exists in XML processing. The underlying issue could allow a remote attacker to expose sensitive information or cause memory/resource consumption. Public docum...
CVE-2017-1532
IBM DOORS 9.5–9.6 is affected by a cross-site scripting vulnerability in the Web UI that could allow an attacker to inject JavaScript and potentially disclose credentials within a trusted session. The issue affects Rational DOORS components including the desktop client, Web Access, and interopera...
CVE-2017-1563
CVE-2017-1563 affects IBM Rational DOORS Web Access (versions 9.5 and 9.6). The vulnerability is a cross-site scripting flaw in the Web UI that could let an attacker inject arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. Affected components include Ra...
CVE-2017-1567
IBM DOORS Web Access (versions 9.5.x and 9.6.x) is vulnerable to cross-site scripting (XSS) in the Web UI, enabling an attacker to inject arbitrary JavaScript and potentially disclose credentials within a trusted session. Affected products/versions include Rational DOORS to 9.5.x and 9.6.x with t...
CVE-2024-43190
CVE-2024-43190 affects IBM Engineering Requirements Management DOORS 9.7.2.9. Description and connected IBM advisory confirm a weak authentication issue that, under certain configurations, could allow a remote attacker to obtain password reset instructions for a legitimate user via man-in-the-mid...