Home

Description

IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to spoof email identity of the sender due to improper verification of source data.

PUBLISHED Reserved 2025-03-10 | Published 2025-10-12 | Updated 2025-10-12 | Assigner ibm




MEDIUM: 5.7CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Problem types

CWE-346 Origin Validation Error

Product status

Default status
unaffected

7.0.2
affected

7.0.3
affected

7.1
affected

References

www.ibm.com/support/pages/node/7247716 vendor-advisory patch

cve.org (CVE-2025-2140)

nvd.nist.gov (CVE-2025-2140)

Download JSON