Sparx Enterprise Architect Client-Side Authentication Vulnerability Allowing Unauthorized Repository Modifications

A vulnerability exists in Sparx Enterprise Architect versions through 17.1, allowing authenticated attackers to bypass role-based security restrictions. By manipulating the client application, such as with a debugger, attackers can log in as any user or administrator and make unrestricted changes to the repository. This issue arises from the software's reliance on client-side authentication, which can be exploited to gain unauthorized access and modify critical data.

Impact

Exploitation of this vulnerability could lead to unauthorized access and modifications within the application's repository, potentially allowing for significant data manipulation or disruption of services.

Reproduction

To reproduce this vulnerability, an authenticated user can modify the Enterprise Architect client behavior using a debugger. Once the client's security features are bypassed, the user can log in as another individual or an administrator. After gaining access, any changes can be made to the repository, exploiting the application's lack of server-side authentication validation.