CVE-2024-41770

Summary

IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a remote attacker to download temporary files which could expose application logic or other sensitive information.

Affected Software

VendorProductVersion RangeStatus
IBMEngineering Requirements Management DOORS Next7.0.2affected
IBMEngineering Requirements Management DOORS Next7.0.3affected
IBMEngineering Requirements Management DOORS Next7.1affected

Weaknesses

  • CWE-522: CWE-522 Insufficiently Protected Credentials

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References