Vulnerability Details CVE-2025-2138
IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1
could allow an authenticated user on the network to delete comments from other users due to client-side enforcement of server-side security.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.1%
CVSS Severity
CVSS v3 Score 3.5
Products affected by CVE-2025-2138
-
cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.0.2
-
cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.0.3
-
cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.1
-
cpe:2.3:o:ibm:aix:-
-
cpe:2.3:o:linux:linux_kernel:-
-
cpe:2.3:o:microsoft:windows:-