20241128001 (#1112)

* 20241128001 * Format markdown docs * Update and rename 20241128001 to 20241202001 Updated filename to reflect the current date of publishing. --------- Co-authored-by: DGOV-Bryce <[email protected]> Co-authored-by: JadonWill <[email protected]>
wagov · Dec 2, 2024 · 9d88c13 · 9d88c13
1 parent 52196d4
commit 9d88c13
Showing 1 changed file with 25 additions and 0 deletions.
diff --git a/docs/advisories/20241202001-IBM-RMM-Vulnerability.md b/docs/advisories/20241202001-IBM-RMM-Vulnerability.md
@@ -0,0 +1,25 @@
+# IBM Rhapsody Model Manager vulnerability - 20241202001
+
+## Overview
+
+IBM has released a security bulletin advising that versions of their Engineering Systems Design Rhapsody - Model Manager (RMM) could allow a remote attacker to bypass security restrictions, caused by a race condition. By sending a specially crafted request, an attacker could exploit this vulnerability to remotely execute code.
+
+## What is vulnerable?
+
+| Product(s) Affected | Version(s)            | CVE                                                               | CVSS | Severity     |
+| ------------------- | --------------------- | ----------------------------------------------------------------- | ---- | ------------ |
+| RMM                 | Version 7.0.2 & 7.0.3 | [CVE-2024-41779](https://nvd.nist.gov/vuln/detail/CVE-2024-41779) | 9.8  | **Critical** |
+
+## What has been observed?
+
+There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
+
+## Recommendation
+
+The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *one month* (refer [Patch Management](../guidelines/patch-management.md)):
+
+- IBM: <https://www.ibm.com/support/pages/node/7172535>
+
+## Additional References
+
+- SecurityOnline: <https://securityonline.info/cve-2024-41779-cvss-9-8-ibm-rhapsody-model-manager-vulnerability-puts-systems-at-risk/>