Ibm Engineering_requirements_management_doors
13 CVEs affecting Ibm Engineering_requirements_management_doors. Latest disclosed: 2025-07-07. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-1457 | Critical | 9.8 | 2018-06-27 | An undisclosed vulnerability in IBM Rational DOORS 9.5.1 through 9.6.1.10 application allows an attacker to gain DOORS administrator privileges. IBM X-Force ID… |
CVE-2023-50304 | High | 7.1 | 2024-07-18 | IBM Engineering Requirements Management DOORS Web Access 9.7.2.8 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A rem… |
CVE-2017-1545 | Medium | 6.8 | 2018-01-26 | IBM Doors Web Access 9.5 and 9.6 could allow an attacker with physical access to the system to log into the application using previously stored credentials. IB… |
CVE-2023-28949 | Medium | 6.5 | 2024-03-01 | IBM Engineering Requirements Management DOORS 9.7.2.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauth… |
CVE-2024-43190 | Medium | 5.9 | 2025-07-07 | IBM Engineering Requirements Management DOORS 9.7.2.9, under certain configurations, could allow a remote attacker to obtain password reset instructions of a l… |
CVE-2017-1567 | Medium | 5.4 | 2018-01-26 | IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus a… |
CVE-2017-1563 | Medium | 5.4 | 2018-01-26 | IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus a… |
CVE-2017-1540 | Medium | 5.4 | 2018-01-26 | IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus a… |
CVE-2017-1532 | Medium | 5.4 | 2018-01-26 | IBM DOORS 9.5 and 9.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the… |
CVE-2017-1516 | Medium | 5.4 | 2018-01-26 | IBM Doors Web Access 9.5 and 9.6 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web sit… |
CVE-2023-50305 | Medium | 5.1 | 2024-03-01 | IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have strong passwords by default, which makes it easier for attackers… |
CVE-2023-28525 | Medium | 4.8 | 2024-03-01 | IBM Engineering Requirements Management 9.7.2.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in th… |
CVE-2017-1515 | Medium | 4.3 | 2018-01-26 | IBM Doors Web Access 9.5 and 9.6 could allow an authenticated user to obtain sensitive information from HTTP internal server error responses. IBM X-Force ID: 1… |