4 matches found
Security Bulletin: IBM Engineering Requirements Management DOORS Next is vulnerable to Race Condition Format Flaw (CVE-2024-41779) and Race Condition Servlet (CVE-2024-41787)
Summary IBM Engineering Requirements Management DOORS Next is vulnerable to CVE-2024-41779 Race Condition Format Flaw and CVE-2024-41787 Race Condition Servlet. Vulnerability Details CVEID:CVE-2024-41787 DESCRIPTION: IBM Engineering Requirements Management DOORS Next could allow a remote attacker...
CVE-2024-41779
creationtimestamp| type| source ---|---|--- 2024-11-22 12:05:54+00:00| seen| https://infosec.exchange/users/cve/statuses/113526515572495284 2024-11-23 10:27:32+00:00| seen| https://infosec.exchange/users/vuldb/statuses/113531791115889914 2024-11-27 07:55:46+00:00| seen|...
CVE-2024-41779
CVE-2024-41779 affects IBM Engineering Systems Design Rhapsody - Model Manager (versions 7.0.2 and 7.0.3). The root cause is a TOCTOU race condition that could allow a remote attacker to bypass security restrictions and execute code by sending a crafted request. IBM sources (and Red Hat/NVD refer...
Security Bulletin: IBM Engineering Systems Design Rhapsody - Model Manager - Race Condition Format Flaw (Uses of non-thread safe SimpleDateFormat.format() when enabling DEBUG log for IDMappingsService.verbose)
Summary In 'IBM Engineering Systems Design Rhapsody - Model Manager RMM' if DEBUG logging is enabled for 'IDMappingsService.verbose', then there is a possibility of an incorrect date being written to the logs, or the possibility of an exception being thrown due to a race-condition involving the u...