IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to spoof email identity of the sender due to improper verification of source data.
History

Thu, 16 Oct 2025 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Ibm aix
Linux
Linux linux Kernel
Microsoft
Microsoft windows
CPEs cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Ibm aix
Linux
Linux linux Kernel
Microsoft
Microsoft windows

Tue, 14 Oct 2025 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sun, 12 Oct 2025 13:45:00 +0000

Type Values Removed Values Added
Description IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to spoof email identity of the sender due to improper verification of source data.
Title IBM Engineering Requirements Management Doors Next spoofing
First Time appeared Ibm
Ibm engineering Requirements Management Doors Next
Weaknesses CWE-346
CPEs cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.1:*:*:*:*:*:*:*
Vendors & Products Ibm
Ibm engineering Requirements Management Doors Next
References
Metrics cvssV3_1

{'score': 5.7, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2025-10-12T13:33:22.545Z

Updated: 2025-10-14T14:53:08.219Z

Reserved: 2025-03-10T01:10:33.257Z

Link: CVE-2025-2140

cve-icon Vulnrichment

Updated: 2025-10-14T14:53:03.856Z

cve-icon NVD

Status : Analyzed

Published: 2025-10-12T14:15:36.373

Modified: 2025-10-16T14:32:22.890

Link: CVE-2025-2140

cve-icon Redhat

No data.