Weak Passwords Put IBM DOORS Users at Risk of Compromise
CVE-2023-50305

5.1MEDIUM

Key Information:

Vendor: IBM
Status: Engineering Requirements Management
Vendor: CVE Published:; 1 March 2024

Summary

IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 273336.

Affected Version(s)

Engineering Requirements Management 9.7.2.7

References

https://www.ibm.com/support/pages/node/7124058

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/273336

vdb-entry

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 1, 2024
Vulnerability Reserved
Dec 7, 2023