PT-2025-41720 · Ibm · Ibm Engineering Requirements Management Doors Next
Published
2025-10-12
·
Updated
2025-10-16
·
CVE-2025-2138
CVSS v3.1
3.5
Low
| Vector | AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Engineering Requirements Management Doors Next versions 7.0.2 through 7.1
Description
An authenticated user on the network may be able to delete comments from other users. This is due to client-side enforcement of server-side security measures.
Recommendations
Update to a newer version that contains a fix for this vulnerability.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Engineering Requirements Management Doors Next