Sign In

CVE-2025-2140

📊 5.7 MEDIUM0.0%🎯 0 exploits
📅 Published Oct 12, 2025
📋 Status: Analyzed

IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to spoof email identity of the sender due to improper verification of source data.

🎯 Affected Products & Systems

6 product configurations affected

Filter by type:
📱
Vulnerable
Version: 7.0.2
CPE:
cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.0.2:*:*:*:*:*:*:*
📱
Vulnerable
Version: 7.0.3
CPE:
cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.0.3:*:*:*:*:*:*:*
📱
Vulnerable
Version: 7.1
CPE:
cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.1:*:*:*:*:*:*:*
💻
ibm / aix
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
💻
linux / linux kernel
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
💻
microsoft / windows
Operating System
Safe
Version: All versions
CPE:
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
6 productsscroll for more
Metrics
5.7 MEDIUMCVSS v3.1[email protected]
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Attack Vector:
ADJACENT_NETWORK
Complexity:
LOW
Privileges:
LOW
User Interaction:
NONE
Confidentiality:
NONE
Integrity:
HIGH
Availability:
NONE
Scope:
UNCHANGED

🔍 Technical Details

Analysis Status
Analyzed
CVSS Details
5.7 (MEDIUM)v3.1
Source: [email protected]
EPSS Details
0.0% (Minimal)0.4th percentile
Last updated: Oct 31, 2025
Exploitation probability within 30 days
Published Date
Oct 12, 2025 (20 days ago)
Last Modified
Oct 16, 2025 (16 days ago)
Security Weaknesses1
References2