Remote File Download Vulnerability in IBM Engineering Requirements Management
CVE-2024-41771
7.5HIGH
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 3 March 2025
Summary
A vulnerability exists in IBM Engineering Requirements Management DOORS Next that enables unauthorized remote attackers to download temporary files. This could potentially expose sensitive application logic and other confidential information, posing significant risks to the integrity and confidentiality of the system's data.
Affected Version(s)
Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, 7.1
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved