CVE-2024-41779

Name of the Vulnerable Software and Affected Versions: IBM Engineering Systems Design Rhapsody - Model Manager versions 7.0.2 through 7.0.3

Description: The issue is caused by a race condition, allowing a remote attacker to bypass security restrictions. By sending a specially crafted request, an attacker could exploit this to remotely execute code. This vulnerability is related to errors in synchronization when using a shared resource.

Recommendations: For versions 7.0.2 and 7.0.3, consider applying a patch to mitigate the risks associated with this issue. As a temporary workaround, restrict access to the Model Manager component to minimize the risk of exploitation. Avoid using the vulnerable component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.