GAMS Licensing System Access Control Bypass Vulnerability
Vulnerability
A vulnerability exists in the GAMS licensing system's access control, allowing the generation of unlimited valid licenses that bypass usage restrictions. This issue arises from an insecure checksum algorithm in the license validator. An attacker who understands this algorithm and the license format can recalculate the checksum to create a valid license, granting full privileges without credentials or source code access. This exploitation allows unrestricted use of GAMS's mathematical models and commercial solvers. The vulnerability affects GAMS versions through 49.6.0.
Impact
Exploitation of this vulnerability could lead to unauthorized access and privileges within the GAMS environment, allowing users to access and utilize GAMS's mathematical models and commercial solvers without proper authorization.
Remediation
Users can upgrade to GAMS version 51 or later, where this vulnerability has been fixed.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.