Ibm Engineering_requirements_management_doors_web_access
5 CVEs affecting Ibm Engineering_requirements_management_doors_web_access. Latest disclosed: 2025-07-07. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-50304 | High | 7.1 | 2024-07-18 | IBM Engineering Requirements Management DOORS Web Access 9.7.2.8 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A rem… |
CVE-2023-28949 | Medium | 6.5 | 2024-03-01 | IBM Engineering Requirements Management DOORS 9.7.2.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauth… |
CVE-2024-43190 | Medium | 5.9 | 2025-07-07 | IBM Engineering Requirements Management DOORS 9.7.2.9, under certain configurations, could allow a remote attacker to obtain password reset instructions of a l… |
CVE-2023-50305 | Medium | 5.1 | 2024-03-01 | IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have strong passwords by default, which makes it easier for attackers… |
CVE-2023-28525 | Medium | 4.8 | 2024-03-01 | IBM Engineering Requirements Management 9.7.2.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in th… |