Vulnerabilities > IBM > Engineering Requirements Management Doors
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-18 | CVE-2023-50304 | Unspecified vulnerability in IBM products IBM Engineering Requirements Management DOORS Web Access 9.7.2.8 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 8.2 |
| 2024-03-01 | CVE-2023-28525 | Unspecified vulnerability in IBM products IBM Engineering Requirements Management 9.7.2.7 is vulnerable to cross-site scripting. | 4.8 |
| 2024-03-01 | CVE-2023-28949 | Unspecified vulnerability in IBM products IBM Engineering Requirements Management DOORS 9.7.2.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.5 |
| 2024-03-01 | CVE-2023-50305 | Unspecified vulnerability in IBM products IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 5.1 |
| 2018-06-27 | CVE-2018-1457 | Unspecified vulnerability in IBM Engineering Requirements Management Doors An undisclosed vulnerability in IBM Rational DOORS 9.5.1 through 9.6.1.10 application allows an attacker to gain DOORS administrator privileges. | 9.8 |
| 2018-01-26 | CVE-2017-1567 | Cross-site Scripting vulnerability in IBM Engineering Requirements Management Doors IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting. | 5.4 |
| 2018-01-26 | CVE-2017-1563 | Cross-site Scripting vulnerability in IBM Engineering Requirements Management Doors IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting. | 5.4 |
| 2018-01-26 | CVE-2017-1545 | Unspecified vulnerability in IBM Engineering Requirements Management Doors IBM Doors Web Access 9.5 and 9.6 could allow an attacker with physical access to the system to log into the application using previously stored credentials. low complexity ibm | 6.8 |
| 2018-01-26 | CVE-2017-1540 | Cross-site Scripting vulnerability in IBM Engineering Requirements Management Doors IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting. | 5.4 |
| 2018-01-26 | CVE-2017-1532 | Cross-site Scripting vulnerability in IBM Engineering Requirements Management Doors IBM DOORS 9.5 and 9.6 is vulnerable to cross-site scripting. | 5.4 |