CVE-2024-41771

Published: Mar 3, 2025Modified: Mar 7, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: psirt@us.ibm.com (Secondary)

Description

IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a remote attacker to download temporary files which could expose application logic or other sensitive information.

Affected (3)

Products: Ibm: Engineering Requirements Management Doors Next

Ibm

1 product

Engineering Requirements Management Doors Next

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Ibm Engineering Requirements Management Doors Next	Version 7.0.2
Ibm Engineering Requirements Management Doors Next	Version 7.0.3
Ibm Engineering Requirements Management Doors Next	Version 7.1

Related CWEs

CWE-522

Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

References (1)

https://www.ibm.com/support/pages/node/7184663

Source: psirt@us.ibm.com

Vendor Advisory

Timeline

No history available yet.