Weak Passwords Put IBM DOORS Users at Risk of Compromise
CVE-2023-50305

5.1MEDIUM

Key Information:

Vendor

IBM
Status
Engineering Requirements Management
Vendor
CVE Published:
1 March 2024

What is CVE-2023-50305?

IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 273336.

Affected Version(s)

Engineering Requirements Management 9.7.2.7

References

https://www.ibm.com/support/pages/node/7124058
vendor-advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/273336
vdb-entry

CVSS V3.1

Score:
5.1
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.