Primary

Context

IBM Engineering Requirements Management DOORS Next Missing Authorization Vulnerability Allowing Unauthorized Data Access and Modification

Vulnerability

Patched

A vulnerability exists in IBM Engineering Requirements Management DOORS Next versions 7.1 and 7.2, allowing authenticated users to access and edit data beyond their authorized permissions. This issue arises from inadequate enforcement of authorization, potentially leading to unauthorized access to sensitive project artifacts and impacting data confidentiality and integrity.

Impact

Exploitation of this vulnerability could result in unauthorized access to and modification of restricted project data, compromising the confidentiality and integrity of that information.

Remediation

Users of IBM Engineering Requirements Management DOORS Next 7.1 should install iFix 08 or newer. Users of version 7.2 should install iFix 01 or newer.

Added: Mar 3, 2026, 8:32 PM

Updated: Mar 3, 2026, 10:14 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

5.0

exploitability

4.9

remediation

7.7

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

5.0

exploitability

4.9

remediation

7.7

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Engineering Requirements Management DOORS Next Missing Authorization Vulnerability Allowing Unauthorized Data Access and Modification

Vulnerability

Impact

Remediation

Affected Products

IBM Engineering Requirements Management DOORS Next

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating