Summary: IBM has issued a critical security bulletin regarding two severe vulnerabilities in its Engineering Requirements Management DOORS Next software, which could lead to remote code execution and security bypass. The vulnerabilities, CVE-2024-41779 and CVE-2024-41787, are rated with a CVSS Base Score of 9.8, highlighting the urgent need for remediation.
Threat Actor: Remote Attacker | Remote Attacker
Victim: IBM Users | IBM Users
Key Point :
- Vulnerabilities CVE-2024-41779 and CVE-2024-41787 allow remote code execution through race condition exploits.
- Versions 7.0.2 and 7.0.3 of DOORS Next are affected, with no available workarounds.
- IBM recommends immediate installation of specific fixes from Fix Central to mitigate risks.