CVE-2025-2140

Summary

IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to spoof email identity of the sender due to improper verification of source data.

Affected Software

VendorProductVersion RangeStatus
IBMEngineering Requirements Management Doors Next7.0.2affected
IBMEngineering Requirements Management Doors Next7.0.3affected
IBMEngineering Requirements Management Doors Next7.1affected

Weaknesses

  • CWE-346: CWE-346 Origin Validation Error

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References