Primary

Context

IBM Engineering Requirements Management DOORS Next Reflected File Download Vulnerability

Vulnerability

A reflected file download vulnerability has been identified in IBM Engineering Requirements Management DOORS Next versions 7.0.2, 7.0.3, and 7.1. This vulnerability could allow a user to download a malicious file without proper verification of the file's integrity.

Impact

Exploitation of this vulnerability could lead to reflected file download, allowing users to download files that may contain malicious content.

Remediation

Users of IBM Engineering Requirements Management DOORS Next 7.0.2 should install iFix 33 or newer. Users of version 7.0.3 should install iFix 11 or newer. For version 7.1.0, iFix 02 or newer should be installed.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

6.0

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

6.0

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Engineering Requirements Management DOORS Next Reflected File Download Vulnerability

Vulnerability

Impact

Remediation

Affected Products

IBM Engineering Requirements Management DOORS Next

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating