What is the vulnerability ID for this IBM DOORS Next Generation vulnerability?

The vulnerability ID for this IBM DOORS Next Generation vulnerability is CVE-2019-4737.

What is the severity of CVE-2019-4737?

The severity of CVE-2019-4737 is medium with a CVSS score of 5.4.

Which versions of IBM DOORS Next Generation are affected by CVE-2019-4737?

IBM DOORS Next Generation versions 6.0.2, 6.0.6, and 6.0.6.1 are affected by CVE-2019-4737.

What is the impact of CVE-2019-4737?

CVE-2019-4737 allows users to embed arbitrary JavaScript code in the Web UI, potentially leading to credentials disclosure within a trusted session.

Are there any references for CVE-2019-4737?

Yes, you can find references for CVE-2019-4737 at the following links: - [IBM X-Force Exchange](https://exchange.xforce.ibmcloud.com/vulnerabilities/172707) - [IBM Support Page](https://www.ibm.com/support/pages/node/6172635)

Vulnerability/
CVE-2019-4737

medium

5.4

CWE

13/2/2020

7/4/2020

4/8/2024

CVE-2019-4737: XSS

First published: Thu Feb 13 2020(Updated: )

IBM DOORS Next Generation (DNG/RRC) 6.0.2. 6.0.6, and 6.0.61 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 172707.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM DOORS Next Generation	=6.0.2
IBM DOORS Next Generation	=6.0.6
IBM DOORS Next Generation	=6.0.6.1
IBM Rational DOORS Next Generation	=6.0.2
IBM Rational DOORS Next Generation	=6.0.6
IBM Rational DOORS Next Generation	=6.0.6.1
IBM RDNG	<=6.0.2
IBM DNG	<=6.0.6
IBM DNG	<=6.0.6.1
IBM RDNG	<=6.0.6.1
IBM RDNG	<=6.0.6
IBM DNG	<=6.0.2

Remedy

https://www.ibm.com/support/pages/node/6172635

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-6172635

Frequently Asked Questions

What is the vulnerability ID for this IBM DOORS Next Generation vulnerability?
The vulnerability ID for this IBM DOORS Next Generation vulnerability is CVE-2019-4737.
What is the severity of CVE-2019-4737?
The severity of CVE-2019-4737 is medium with a CVSS score of 5.4.
Which versions of IBM DOORS Next Generation are affected by CVE-2019-4737?
IBM DOORS Next Generation versions 6.0.2, 6.0.6, and 6.0.6.1 are affected by CVE-2019-4737.
What is the impact of CVE-2019-4737?
CVE-2019-4737 allows users to embed arbitrary JavaScript code in the Web UI, potentially leading to credentials disclosure within a trusted session.
Are there any references for CVE-2019-4737?
Yes, you can find references for CVE-2019-4737 at the following links: - [IBM X-Force Exchange](https://exchange.xforce.ibmcloud.com/vulnerabilities/172707) - [IBM Support Page](https://www.ibm.com/support/pages/node/6172635)

collector/nvd-index
agent/type
collector/ibm-support
source/IBM
agent/software-canonical-lookup
agent/remedy
agent/last-modified-date
agent/severity
agent/author
agent/references
agent/weakness
agent/description
agent/first-publish-date
agent/softwarecombine
agent/tags
agent/event
collector/mitre-cve
source/MITRE
vendor/ibm
canonical/ibm doors next generation
version/ibm doors next generation/6.0.2
version/ibm doors next generation/6.0.6
version/ibm doors next generation/6.0.6.1
canonical/ibm rational doors next generation
version/ibm rational doors next generation/6.0.2
version/ibm rational doors next generation/6.0.6
version/ibm rational doors next generation/6.0.6.1
canonical/ibm rdng
version/ibm rdng/6.0.2
canonical/ibm dng
version/ibm dng/6.0.6
version/ibm dng/6.0.6.1
version/ibm rdng/6.0.6.1
version/ibm rdng/6.0.6
version/ibm dng/6.0.2