5.1
CVE-2023-50305
- EPSS 0.02%
- Veröffentlicht 01.03.2024 02:15:07
- Zuletzt bearbeitet 21.11.2024 08:36:49
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
LoginIBM Engineering Requirements Management information disclosure
IBM Engineering Requirements Management DOORS 9.7.2.7 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 273336.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Engineering Requirements Management Doors Version9.7.2.7
Ibm ≫ Engineering Requirements Management Doors Web Access Version9.7.2.7
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.041 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.1 | 1.4 | 3.6 |
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| psirt@us.ibm.com | 5.1 | 1.4 | 3.6 |
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-521 Weak Password Requirements
The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.