CVE-2025-13734 IBM — Exploit & Vulnerability Details MEDIUM

CVE-2025-13734

MEDIUM CVSS 3.1: 5.4 EPSS 0.03%

Parameter	Value
CVSS	5.4 (MEDIUM)
Type	CWE-863 (Incorrect Authorization), CWE-862 (Missing Authorization)
Vendor	IBM
Public PoC	No

IBM Engineering Requirements Management DOORS Next 7.1, and 7.2 could allow an authenticated user to view and edit data beyond their authorized access permissions.

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

Low

Easy to exploit

Privileges Required

Low

Basic privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

Low

Partial data leak

Integrity

Low

Partial data modification

Availability

None

No disruption

CVSS Vector v3.1

Weakness Type (CWE)

CWE-863 Incorrect Authorization

CWE-862 Missing Authorization

Vulnerable Products 2

Configuration	From (including)	Up to (excluding)
Ibm Engineering_Requirements_Management_Doors_Next cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.1:::::::*	—	—
Ibm Engineering_Requirements_Management_Doors_Next cpe:2.3:a:ibm:engineering_requirements_management_doors_next:7.2:::::::*	—	—

References 1

https://www.ibm.com/support/pages/node/7261900

psirt@us.ibm.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-1346

IBM

7.8

CVE-2026-1343

IBM

7.2

CVE-2026-1342

IBM

7.9

CVE-2025-13044

IBM

6.2

CVE-2026-1243

Microsoft

5.4

Menu

CVE-2025-13734

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

Vulnerable Products 2

References 1

Related Vulnerabilities

CVE-2026-1346

CVE-2026-1343

CVE-2026-1342

CVE-2025-13044

CVE-2026-1243

CVE Details

Editor's Choice

Menu

CVE-2025-13734

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

Vulnerable Products 2

References 1

Related Vulnerabilities

CVE-2026-1346

CVE-2026-1343

CVE-2026-1342

CVE-2025-13044

CVE-2026-1243

CVE Details

Editor's Choice

Stay informed on cybersecurity