PT-2025-41721 · Ibm · Ibm Engineering Requirements Management Doors Next

Published

2025-10-12

Updated

2025-10-16

CVE-2025-2139

CVSS v3.1

3.5

Low

Vector

AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions IBM Engineering Requirements Management Doors Next versions 7.0.2 through 7.1

Description An authenticated user on the network may be able to delete reviews belonging to other users. This is due to client-side enforcement of what should be server-side security measures.

Recommendations Update to a newer version that contains a fix for this vulnerability.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-602

Related Identifiers

CVE-2025-2139

Affected Products

Ibm Engineering Requirements Management Doors Next

PT-2025-41721 · Ibm · Ibm Engineering Requirements Management Doors Next

CVE-2025-2139

Weakness Enumeration

Related Identifiers

Affected Products

References · 7