CVE-2025-33096
📋 TL;DR
This vulnerability in IBM Engineering Requirements Management Doors Next allows authenticated users to cause denial of service by uploading specially crafted files that trigger uncontrolled recursion. It affects versions 7.0.2, 7.0.3, and 7.1 of the software. Attackers with valid credentials can disrupt service availability.
💻 Affected Systems
- IBM Engineering Requirements Management Doors Next
📦 What is this software?
Engineering Requirements Management Doors Next by IBM
⚠️ Risk & Real-World Impact
Worst Case
Complete service unavailability requiring system restart or recovery procedures, potentially disrupting engineering workflows and project timelines.
Likely Case
Temporary service degradation or crashes affecting specific components, requiring administrator intervention to restore normal operations.
If Mitigated
Minimal impact with proper access controls and monitoring in place, allowing quick detection and response to suspicious upload attempts.
🎯 Exploit Status
Exploitation requires authenticated access and knowledge of how to craft files that trigger uncontrolled recursion. No public exploit code is currently available.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Apply the fix as specified in IBM Security Bulletin
Vendor Advisory: https://www.ibm.com/support/pages/node/7247716
Restart Required: No
Instructions:
1. Review the IBM Security Bulletin for specific patch details.
2. Apply the recommended fix from IBM.
3. Verify the fix by testing file upload functionality.
4. No restart is required according to IBM documentation.
🔧 Temporary Workarounds
Restrict File Upload Access
Limit file upload permissions to only trusted, necessary users through role-based access controls.
Implement File Upload Monitoring
Monitor file upload activities and set alerts for unusual upload patterns or repeated upload attempts.
🧯 If You Can't Patch
- Implement strict access controls to limit file upload functionality to essential personnel only
- Deploy web application firewall rules to detect and block suspicious file upload patterns
🔍 How to Verify
Check if Vulnerable:
Check your IBM Engineering Requirements Management Doors Next version against affected versions: 7.0.2, 7.0.3, or 7.1.
Check Version:
Check the application's About or Version information within the IBM Engineering Requirements Management Doors Next interface or consult system documentation.
Verify Fix Applied:
After applying IBM's fix, verify by checking that the software version is no longer listed as vulnerable and test file upload functionality.
📡 Detection & Monitoring
Log Indicators:
- Multiple failed file upload attempts
- Unusually large or recursive file processing logs
- Application crash or restart logs following file uploads
Network Indicators:
- Unusual spikes in file upload traffic
- Repeated upload attempts from single authenticated users
SIEM Query:
source="ibm-doors" AND ((event="file_upload" AND size>threshold) OR (event="application_error" AND message CONTAINS "recursion"))
The outer parentheses matter: without them AND binds tighter than OR in most query languages, so the source filter would only apply to the upload branch and the query would match recursion errors from every source. `threshold` is a site-specific upload size baseline, and `CONTAINS` should be replaced with your SIEM's substring operator (for example a wildcard match in Splunk).
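The log and network indicators above can be checked together by correlating upload events with later application errors per user. The following Python script is an added example, not code from the page or from IBM; the log line format, field names, thresholds and window sizes are all assumptions, and the sample lines are constructed. It flags uploads over a size threshold, bursts of repeated uploads from one authenticated user, and recursion-related application errors that follow an upload by the same user within a short window.

```python
"""Correlate upload and error log lines to surface the indicators listed above:
large uploads, repeated uploads from one user, and crashes following uploads.
The key=value log format is constructed for this example; map the field names
to whatever your DOORS Next deployment and SIEM actually emit."""
import shlex
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines; not real DOORS Next output.
SAMPLE_LOG = """\
2025-06-01T10:00:01Z event=file_upload user=alice size=2048 status=ok
2025-06-01T10:00:05Z event=file_upload user=bob size=52428800 status=ok
2025-06-01T10:00:06Z event=file_upload user=bob size=52428800 status=failed
2025-06-01T10:00:07Z event=file_upload user=bob size=52428800 status=failed
2025-06-01T10:00:09Z event=application_error user=bob message="StackOverflowError: uncontrolled recursion in import parser"
2025-06-01T10:02:00Z event=file_upload user=carol size=4096 status=ok
2025-06-01T10:30:00Z event=application_error user=dave message="NullPointerException in report renderer"
"""

# Assumed tuning values; derive them from your own upload baseline.
SIZE_THRESHOLD = 10 * 1024 * 1024    # uploads above 10 MiB are flagged
BURST_COUNT = 3                      # this many uploads by one user ...
BURST_WINDOW = timedelta(seconds=60)  # ... within this window is a burst
ERROR_WINDOW = timedelta(minutes=5)   # error this soon after an upload is correlated


def parse_line(line):
    """Split '<timestamp> k=v k="quoted v"' into a dict with a datetime 'ts'."""
    ts_str, _, rest = line.partition(" ")
    fields = dict(tok.split("=", 1) for tok in shlex.split(rest))
    fields["ts"] = datetime.strptime(ts_str, "%Y-%m-%dT%H:%M:%SZ")
    if "size" in fields:
        fields["size"] = int(fields["size"])
    return fields


def detect(log_text):
    """Return (alert_kind, user, timestamp) tuples in chronological order."""
    events = sorted(
        (parse_line(l) for l in log_text.splitlines() if l.strip()),
        key=lambda e: e["ts"],
    )
    alerts = []
    uploads_by_user = defaultdict(list)  # user -> timestamps of their uploads
    for e in events:
        if e["event"] == "file_upload":
            user = e["user"]
            uploads_by_user[user].append(e["ts"])
            if e["size"] > SIZE_THRESHOLD:
                alerts.append(("large_upload", user, e["ts"]))
            # Count this user's uploads inside the sliding window; fire once
            # at the moment the count first reaches BURST_COUNT.
            recent = [t for t in uploads_by_user[user] if e["ts"] - t <= BURST_WINDOW]
            if len(recent) == BURST_COUNT:
                alerts.append(("upload_burst", user, e["ts"]))
        elif e["event"] == "application_error":
            user = e.get("user")
            if "recursion" in e.get("message", "").lower():
                # An upload by the same user shortly before the error is the
                # pattern the advisory describes; report it as correlated.
                prior = [t for t in uploads_by_user.get(user, [])
                         if timedelta(0) <= e["ts"] - t <= ERROR_WINDOW]
                kind = "recursion_error_after_upload" if prior else "recursion_error"
                alerts.append((kind, user, e["ts"]))
    return alerts


if __name__ == "__main__":
    for kind, user, ts in detect(SAMPLE_LOG):
        print(f"{ts.isoformat()} {kind} user={user}")
```

Run against the sample, only bob's activity produces alerts: three large uploads, one burst, and one recursion error correlated with the uploads that preceded it; dave's unrelated error is ignored. In a real deployment the correlation step is the valuable one, since a single large upload is often legitimate but a recursion failure minutes after an upload by the same account is the signature worth paging on.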