Lucene search
K
IbmEngineering Requirements Management Doors

13 matches found

CVE
CVE
added 2024/03/01 1:44 a.m.83 views

CVE-2023-50305

CVE-2023-50305 affects IBM Engineering Requirements Management DOORS family (DOORS 9.7.2.7; DOORS Web Access 9.7.2.7; Rational DOORS/DOORS Web Access 9.6.1.x). According to the IBM bulletin, the issue is a design/logic flaw where users by default do not have strong passwords, enabling easier comp...

5.1CVSS5.4AI score0.00201EPSS
CVE
CVE
added 2024/03/01 1:47 a.m.79 views

CVE-2023-28949

CVE-2023-28949 affects IBM Engineering Requirements Management DOORS/DOORS Web Access 9.7.2.7. The issue is a cross-site request forgery that could allow an attacker to perform malicious actions transmitted from a trusted user. The IBM bulletin confirms the vulnerability and directs upgrading to ...

6.5CVSS6.7AI score0.00247EPSS
CVE
CVE
added 2024/03/01 1:41 a.m.74 views

CVE-2023-28525

CVE-2023-28525 affects IBM Engineering Requirements Management DOORS/DOORS Web Access 9.7.2.7 with a cross-site scripting vulnerability in the Web UI that could allow an attacker to embed arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. IBM recommends ...

4.8CVSS5AI score0.00321EPSS
CVE
CVE
added 2018/06/27 6:0 p.m.56 views

CVE-2018-1457

Summary of CVE-2018-1457 (IBM Rational DOORS) : A vulnerability in IBM Rational DOORS 9.5.1 through 9.6.1.10 could allow an attacker to gain DOORS administrator privileges. The publicly documented details in the IBM bulletin specify affected products/components as Rational DOORS desktop client an...

9.8CVSS9AI score0.0252EPSS
CVE
CVE
added 2018/01/26 9:0 p.m.55 views

CVE-2017-1545

IBM Doors Web Access (Rational DOORS) versions 9.5 and 9.6 are affected by a vulnerability where an attacker with physical access can log into the application using previously stored credentials. The issue affects Rational DOORS Desktop Client, Web Access, and interoperation server across 9.5.0.0...

6.8CVSS6.1AI score0.00427EPSS
CVE
CVE
added 2018/01/26 9:0 p.m.48 views

CVE-2017-1515

CVE-2017-1515 — IBM DOORS Web Access information disclosure . Affected: Rational DOORS 9.5.x and 9.6.x (Rational DOORS Web Access). Description: an authenticated user could obtain sensitive information from HTTP internal server error responses due to the vulnerability in DOORS Web Access. Root ca...

4.3CVSS4.6AI score0.01248EPSS
CVE
CVE
added 2018/01/26 9:0 p.m.48 views

CVE-2017-1540

CVE-2017-1540 concerns IBM Doors Web Access. Multiple connected documents confirm a cross-site scripting vulnerability affecting Rational DOORS Web Access versions 9.5 and 9.6, enabling injection of arbitrary JavaScript into the Web UI and potentially leading to credentials disclosure within a tr...

5.4CVSS5.3AI score0.00942EPSS
CVE
CVE
added 2018/01/26 9:0 p.m.47 views

CVE-2017-1516

Summary (CVE-2017-1516) IBM Doors Web Access (versions 9.5.x and 9.6.x) is vulnerable to a clickjacking-style issue where a remote attacker lures a victim to a malicious site and hijacks the user’s click actions, potentially enabling further attacks. Affected components include Rational DOORS Web...

5.4CVSS5.7AI score0.01196EPSS
CVE
CVE
added 2024/07/18 4:1 p.m.47 views

CVE-2023-50304

CVE-2023-50304 affects IBM Engineering Requirements Management DOORS Web Access 9.7.2.8, where an XML External Entity (XXE) vulnerability exists in XML processing. The underlying issue could allow a remote attacker to expose sensitive information or cause memory/resource consumption. Public docum...

8.2CVSS7.1AI score0.00614EPSS
CVE
CVE
added 2018/01/26 9:0 p.m.45 views

CVE-2017-1532

IBM DOORS 9.5–9.6 is affected by a cross-site scripting vulnerability in the Web UI that could allow an attacker to inject JavaScript and potentially disclose credentials within a trusted session. The issue affects Rational DOORS components including the desktop client, Web Access, and interopera...

5.4CVSS5.3AI score0.00942EPSS
CVE
CVE
added 2018/01/26 9:0 p.m.45 views

CVE-2017-1563

CVE-2017-1563 affects IBM Rational DOORS Web Access (versions 9.5 and 9.6). The vulnerability is a cross-site scripting flaw in the Web UI that could let an attacker inject arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. Affected components include Ra...

5.4CVSS5.3AI score0.00942EPSS
CVE
CVE
added 2018/01/26 9:0 p.m.43 views

CVE-2017-1567

IBM DOORS Web Access (versions 9.5.x and 9.6.x) is vulnerable to cross-site scripting (XSS) in the Web UI, enabling an attacker to inject arbitrary JavaScript and potentially disclose credentials within a trusted session. Affected products/versions include Rational DOORS to 9.5.x and 9.6.x with t...

5.4CVSS5.3AI score0.00942EPSS
CVE
CVE
added 2025/07/07 5:45 p.m.27 views

CVE-2024-43190

CVE-2024-43190 affects IBM Engineering Requirements Management DOORS 9.7.2.9. Description and connected IBM advisory confirm a weak authentication issue that, under certain configurations, could allow a remote attacker to obtain password reset instructions for a legitimate user via man-in-the-mid...

5.9CVSS9.3AI score0.00299EPSS