CVE-2025-2140
5.7
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to spoof email identity of the sender due to improper verification of source data.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | Engineering Requirements Management Doors Next | 7.0.2 | affected |
| IBM | Engineering Requirements Management Doors Next | 7.0.3 | affected |
| IBM | Engineering Requirements Management Doors Next | 7.1 | affected |
Weaknesses
- CWE-346: CWE-346 Origin Validation Error
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.