Remote File Download Vulnerability in IBM Engineering Requirements Management
CVE-2024-41771

7.5HIGH

Key Information:

Vendor
IBM
Vendor
CVE Published:
3 March 2025

Summary

A vulnerability exists in IBM Engineering Requirements Management DOORS Next that enables unauthorized remote attackers to download temporary files. This could potentially expose sensitive application logic and other confidential information, posing significant risks to the integrity and confidentiality of the system's data.

Affected Version(s)

Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, 7.1

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.