IBM Rhapsody Model Manager Vulnerability Puts Systems at Risk

### #RhapsodySecurity #IBMUpdates #CVE2024-41779

Summary: IBM has issued a security bulletin for a critical vulnerability in its Engineering Systems Design Rhapsody – Model Manager (RMM), which could allow remote code execution due to a race condition. The vulnerability, CVE-2024-41779, has a high CVSS score of 9.8, prompting IBM to recommend immediate updates to affected versions.

Threat Actor: Unknown
Victim: IBM Engineering Systems Design Rhapsody Users

Key Points:

  • The vulnerability allows remote attackers to bypass security restrictions and execute arbitrary code.
  • It affects RMM versions 7.0.2 and 7.0.3, with a CVSS score of 9.8 indicating its severity.
  • IBM recommends updating to the latest versions or applying specific iFixes to mitigate the risk.
  • DEBUG logging for IDMappingsService.verbose is disabled by default, reducing the risk under normal operations.
  • Temporary workaround includes disabling DEBUG logging for ‘IDMappingsService.verbose’.

IBM has recently released a security bulletin addressing a critical vulnerability in IBM Engineering Systems Design Rhapsody – Model Manager (RMM). The vulnerability, identified as CVE-2024-41779 with a CVSS score of 9.8, could allow a remote attacker to bypass security restrictions and execute arbitrary code on vulnerable systems.

The vulnerability stems from a race condition in the software, potentially allowing attackers to exploit the system by sending specially crafted requests.

“By sending a specially crafted request, an attacker could exploit this vulnerability to remotely execute code,” reads the security bulletin.

While the vulnerability is severe, it does not impact RMM installations under normal operating conditions since DEBUG logging for IDMappingsService.verbose is disabled by default. IBM clarifies: “DEBUG level logging is NOT enabled for RMM’s IDMappingsService by default, thus there is no risk of this situation happening under normal operation of RMM.”

Affected Products and Versions:

  • RMM 7.0.2
  • RMM 7.0.3

Remediation:

IBM urges users to update their RMM software to the latest versions that include the necessary security fixes. The following updates are available to address the vulnerability:

  • RMM 7.0.2: Download and install iFix031 or later.
  • RMM 7.0.3: Download and install iFix008 or later.

Workaround:

As a temporary workaround, IBM recommends disabling DEBUG logging for ‘IDMappingsService.verbose’.

Additional Information:

It’s important to note that enabling DEBUG logging of IDMappingsService itself is not impacted by this vulnerability. Users can still safely enable the following: `<Logger name="com.ibm.team.rmm.models.service.internal.IDMappingsService" level="DEBUG">`
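The workaround and the note above both come down to one configuration question: is the `IDMappingsService.verbose` logger emitting DEBUG output while the plain `IDMappingsService` logger may safely stay at DEBUG? The following audit script is an added example, not IBM's code and not from the bulletin. It assumes RMM's logging is configured with Log4j2-style `<Logger name="..." level="..."/>` elements under `<Loggers>` with a `<Root>` fallback, and that the verbose logger's fully qualified name is the IDMappingsService name quoted above plus a `.verbose` suffix; both sample configurations are constructed. One caveat it handles: in Log4j2 a logger with no explicit level inherits its nearest configured ancestor's level, so a verbose logger that is not configured at all would inherit DEBUG from its parent. The bulletin says enabling DEBUG on IDMappingsService itself is safe, so the script reports that case separately as "inherited" (something to confirm against the shipped configuration) rather than as a definite hit, and the remediation pins the verbose logger explicitly so that inheritance no longer applies.

```python
"""Audit a Log4j2-style XML logging configuration for the RMM DEBUG-logging
condition that IBM's bulletin for CVE-2024-41779 names as the precondition.

Added example, not IBM's code. Assumptions not stated in the bulletin:
 - RMM logging uses Log4j2-style <Logger name=".." level=".."/> elements
   under <Loggers>, with a <Root level=".."/> fallback;
 - the verbose logger's fully qualified name is the IDMappingsService logger
   named in the bulletin plus a ".verbose" suffix.
The configurations below are constructed for this example.
"""
import xml.etree.ElementTree as ET

PLAIN_LOGGER = "com.ibm.team.rmm.models.service.internal.IDMappingsService"  # named in the bulletin
VERBOSE_LOGGER = PLAIN_LOGGER + ".verbose"  # assumed fully qualified name

# Log4j2 level ordering is ALL < TRACE < DEBUG < INFO < WARN < ERROR < FATAL < OFF;
# any of these three lets DEBUG-level messages through.
LEVELS_EMITTING_DEBUG = {"ALL", "TRACE", "DEBUG"}


def configured_levels(xml_text):
    """Return {logger name: LEVEL} for every <Logger> with an explicit level,
    plus the <Root> level under the key "" (Log4j2's root logger)."""
    root = ET.fromstring(xml_text)
    levels = {}
    for node in root.iter("Logger"):
        name, level = node.get("name"), node.get("level")
        if name and level:
            levels[name] = level.upper()
    root_node = root.find(".//Root")
    if root_node is not None and root_node.get("level"):
        levels[""] = root_node.get("level").upper()
    return levels


def effective_level(levels, logger_name):
    """Resolve a logger's effective level the way Log4j2 does: take the
    nearest configured ancestor (dropping dotted name segments), else root.
    Returns (level, name of the logger the level came from)."""
    name = logger_name
    while True:
        if name in levels:
            return levels[name], name
        if not name:
            return "ERROR", ""  # Log4j2's default root level when none is configured
        name = name.rpartition(".")[0]


def audit_config(xml_text):
    """Classify the verbose logger: 'explicit' (itself set to DEBUG/TRACE/ALL),
    'inherited' (no explicit level, an ancestor at DEBUG/TRACE/ALL) or 'ok'."""
    levels = configured_levels(xml_text)
    level, source = effective_level(levels, VERBOSE_LOGGER)
    if level not in LEVELS_EMITTING_DEBUG:
        status = "ok"
    elif source == VERBOSE_LOGGER:
        status = "explicit"
    else:
        status = "inherited"
    return {"status": status, "effective_level": level, "from_logger": source}


def disable_verbose_debug(xml_text, replacement_level="INFO"):
    """Workaround: pin the verbose logger to a level that drops DEBUG output.
    INFO is an assumed replacement level; the bulletin only says to disable
    DEBUG. An existing <Logger> is edited in place; otherwise one is added so
    that an ancestor's DEBUG level is no longer inherited."""
    root = ET.fromstring(xml_text)
    for node in root.iter("Logger"):
        if node.get("name") == VERBOSE_LOGGER:
            node.set("level", replacement_level)
            break
    else:
        loggers = root.find("Loggers")
        if loggers is None:
            raise ValueError("no <Loggers> element in configuration")
        ET.SubElement(loggers, "Logger", name=VERBOSE_LOGGER, level=replacement_level)
    return ET.tostring(root, encoding="unicode")


# Constructed sample: verbose logger explicitly at DEBUG (the risky setting).
RISKY_CONFIG = """<Configuration status="WARN">
  <Loggers>
    <Logger name="com.ibm.team.rmm.models.service.internal.IDMappingsService.verbose" level="debug"/>
    <Root level="INFO"/>
  </Loggers>
</Configuration>"""

# Constructed sample: only the plain IDMappingsService logger at DEBUG, which
# the bulletin says is safe; no explicit entry for the verbose child logger.
PARENT_DEBUG_CONFIG = """<Configuration status="WARN">
  <Loggers>
    <Logger name="com.ibm.team.rmm.models.service.internal.IDMappingsService" level="DEBUG"/>
    <Root level="INFO"/>
  </Loggers>
</Configuration>"""

if __name__ == "__main__":
    for label, cfg in (("risky", RISKY_CONFIG), ("parent-debug", PARENT_DEBUG_CONFIG)):
        print(label, "before:", audit_config(cfg))
        print(label, "after: ", audit_config(disable_verbose_debug(cfg)))
```

Run it against the real RMM logging configuration file instead of the constructed samples; a result of `explicit` is the setting the bulletin's workaround removes, while `inherited` means the verbose logger is not pinned and should be compared with the logger names IBM's bulletin actually lists before concluding anything.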


Source: https://securityonline.info/cve-2024-41779-cvss-9-8-ibm-rhapsody-model-manager-vulnerability-puts-systems-at-risk