IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to delete comments from other users due to client-side enforcement of server-side security.
History

Thu, 16 Oct 2025 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Ibm aix
Linux
Linux linux Kernel
Microsoft
Microsoft windows
CPEs cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Ibm aix
Linux
Linux linux Kernel
Microsoft
Microsoft windows

Tue, 14 Oct 2025 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sun, 12 Oct 2025 13:45:00 +0000

Type Values Removed Values Added
Description IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to delete comments from other users due to client-side enforcement of server-side security.
Title IBM Engineering Requirements Management Doors Next data modification
First Time appeared Ibm
Ibm engineering Requirements Management Doors Next
Weaknesses CWE-602
CPEs cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.1:*:*:*:*:*:*:*
Vendors & Products Ibm
Ibm engineering Requirements Management Doors Next
References
Metrics cvssV3_1

{'score': 3.5, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2025-10-12T13:37:02.296Z

Updated: 2025-10-14T15:10:47.518Z

Reserved: 2025-03-10T01:10:31.239Z

Link: CVE-2025-2138

cve-icon Vulnrichment

Updated: 2025-10-14T15:10:44.618Z

cve-icon NVD

Status : Analyzed

Published: 2025-10-12T14:15:36.023

Modified: 2025-10-16T14:25:30.260

Link: CVE-2025-2138

cve-icon Redhat

No data.