IBM Engineering Systems Design Rhapsody - Model Manager 7.0.2 and 7.0.3 could allow a remote attacker to bypass security restrictions, caused by a race condition. By sending a specially crafted request, an attacker could exploit this vulnerability to remotely execute code.
The vulnerability results from a synchronization error (race condition, CWE-367), in which the state of permission verification and the moment of operation execution are not properly protected against concurrent access. An attacker can send a specially crafted network request that exploits this time window to bypass access control mechanisms. As a result, remote code execution is possible without the need for authentication, from an external network.
An attacker can remotely execute arbitrary code on the server (RCE) without possessing any privileges, which can lead to complete system takeover, loss of confidentiality, integrity, and data availability.
Patches available from the vendor should be applied in accordance with the references (https://www.ibm.com/support/pages/node/7172535). It is recommended to immediately review the IBM bulletin and implement the indicated fixes.
IBM Engineering Systems Design Rhapsody - Model Manager in versions 7.0.2 and 7.0.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HIBM Engineering Systems Design Rhapsody
APPIbm7.0.27.0.3
Related vulnerabilities
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow...
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow...
IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 transmits sensitive information without encryp...
IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on t...
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass sec...