IBM Engineering Requirements Management Doors Web Access
By the Year
In 2024 there have been 3 vulnerabilities in IBM Engineering Requirements Management Doors Web Access with an average score of 5.5 out of ten. Engineering Requirements Management Doors Web Access did not have any published security vulnerabilities last year. That is, 3 more vulnerabilities have already been reported in 2024 as compared to last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 3 | 5.47 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Engineering Requirements Management Doors Web Access vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Engineering Requirements Management Doors Web Access Security Vulnerabilities
IBM Engineering Requirements Management DOORS 9.7.2.7 does not require
CVE-2023-50305
5.1 - Medium
- March 01, 2024
IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 273336.
Weak Password Requirements
IBM Engineering Requirements Management DOORS 9.7.2.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user
CVE-2023-28949
6.5 - Medium
- March 01, 2024
IBM Engineering Requirements Management DOORS 9.7.2.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 251216.
Session Riding
IBM Engineering Requirements Management 9.7.2.7 is vulnerable to cross-site scripting
CVE-2023-28525
4.8 - Medium
- March 01, 2024
IBM Engineering Requirements Management 9.7.2.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 251052.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM Engineering Requirements Management Doors Web Access or by IBM? Click the Watch button to subscribe.