IBM DOORS Next 7.1-7.2: Authenticated Permission Escalation: CVE-2025-13734 March 2026

IBM Engineering Requirements Management DOORS Next could allow an authenticated user to access and modify data beyond authorized permissions
IBM Engineering Requirements Management DOORS Next 7.1, and 7.2 could allow an authenticated user to view and edit data beyond their authorized access permissions.

Vulnerability Analysis

CVE-2025-13734 is exploitable with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.

Attack Vector:

NETWORK

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

LOW

Integrity Impact:

LOW

Availability Impact:

NONE

Weakness Type

What is an AuthZ Vulnerability?

The software does not perform an authorization check when an actor attempts to access a resource or perform an action.

CVE-2025-13734 has been classified to as an AuthZ vulnerability or weakness.

Products Associated with CVE-2025-13734

Want to know whenever a new CVE is published for IBM Engineering Requirements Management Doors Next? stack.watch will email you.

IBM DOORS Next 7.1-7.2: Authenticated Permission Escalation
CVE-2025-13734 Published on March 3, 2026

Vulnerability Analysis

Weakness Type

What is an AuthZ Vulnerability?

Products Associated with CVE-2025-13734

Affected Versions

IBM DOORS Next 7.1-7.2: Authenticated Permission EscalationCVE-2025-13734 Published on March 3, 2026

Vulnerability Analysis

Weakness Type

What is an AuthZ Vulnerability?

Products Associated with CVE-2025-13734

Affected Versions

IBM DOORS Next 7.1-7.2: Authenticated Permission Escalation
CVE-2025-13734 Published on March 3, 2026