CVE-2024-41770
Published: 03 March 2025
Description
Adversaries may search local file systems and remote file shares for files containing insecurely stored credentials.
Security Summary
IBM Engineering Requirements Management DOORS Next versions 7.0.2, 7.0.3, and 7.1 are affected by CVE-2024-41770, a vulnerability that could allow a remote attacker to download temporary files, potentially exposing application logic or other sensitive information. This issue is classified under CWE-522 (Insufficiently Protected Credentials) and carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), indicating high confidentiality impact with no requirements for authentication, privileges, or user interaction.
The vulnerability can be exploited by any remote attacker with network access to the affected DOORS Next instance. Successful exploitation enables the download of temporary files, which may reveal sensitive data such as application logic, without impacting integrity or availability.
IBM has published a security bulletin at https://www.ibm.com/support/pages/node/7184663 detailing the vulnerability, affected versions, and recommended patches or mitigations for remediation.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Vulnerability in public-facing web app allows unauthenticated remote download of temp files exposing sensitive data/credentials (CWE-522), directly enabling T1190 for initial access and T1552.001 for obtaining unsecured credentials from files.