CVE-2024-43190 in Engineering Requirements Management DOORS
Summary
by MITRE • 07/07/2025
IBM Engineering Requirements Management DOORS 9.7.2.9, under certain configurations, could allow a remote attacker to obtain password reset instructions of a legitimate user using man in the middle techniques.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Analysis
by VulDB Data Team • 08/21/2025
The vulnerability identified as CVE-2024-43190 affects IBM Engineering Requirements Management DOORS version 9.7.2.9 and represents a significant security flaw that enables remote attackers to exploit password reset mechanisms through man-in-the-middle techniques. This vulnerability specifically manifests under certain configuration conditions, making it particularly concerning for organizations that rely on DOORS for critical requirements management processes. The flaw essentially allows an attacker positioned between a user and the system to intercept and manipulate password reset communications, potentially gaining unauthorized access to legitimate user accounts.
The technical nature of this vulnerability stems from insufficient cryptographic protections during password reset communication channels. When users initiate password reset requests, the system should employ strong encryption and authentication mechanisms to prevent interception and manipulation of reset instructions. However, in vulnerable configurations, the communication between the user and the DOORS system lacks adequate security measures, enabling attackers to perform man-in-the-middle attacks. This allows them to capture reset tokens or instructions and potentially redirect users to malicious endpoints where credentials can be harvested or accounts can be compromised.
The operational impact of this vulnerability extends beyond simple credential theft, as it undermines the fundamental security assumptions of the authentication system. Organizations using DOORS for requirements management face potential exposure of sensitive project data, intellectual property, and confidential business information. The vulnerability particularly affects environments where network traffic is not properly secured or where legacy network configurations have not been updated to enforce secure communication protocols. Attackers could leverage this weakness to gain persistent access to requirements databases, potentially modifying critical specifications or accessing restricted project information.
From a cybersecurity framework perspective, this vulnerability aligns with CWE-319 - Cryptographic Issues, specifically addressing weaknesses in the secure transmission of sensitive information. The attack vector corresponds to techniques outlined in the MITRE ATT&CK framework under T1566 - Phishing and T1531 - Account Access Removal, as attackers can manipulate legitimate authentication flows to gain unauthorized access. Organizations should implement immediate mitigations including enforcing secure communication protocols, implementing proper certificate validation, and ensuring that all password reset communications are protected through strong encryption mechanisms. Network segmentation and monitoring for suspicious authentication activities should also be enhanced to detect potential exploitation attempts.
The remediation approach requires organizations to update their DOORS installations to versions that address this vulnerability, while simultaneously reviewing and strengthening their network security configurations. Security teams should implement mandatory secure communication policies, ensure proper certificate management, and conduct regular vulnerability assessments to identify similar weaknesses in other systems. Additionally, user education regarding suspicious reset notifications and the importance of verifying communication endpoints should be emphasized as part of a comprehensive security strategy to prevent exploitation of this and similar vulnerabilities.