Remote Data Exposure in IBM Robotic Process Automation
CVE-2024-51456

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Robotic Process Automation
Vendor: CVE Published:; 12 January 2025

Badges

👾 Exploit Exists📰 News Worthy

Summary

A vulnerability exists in IBM Robotic Process Automation versions 21.0.0 through 21.0.7.19 and 23.0.0 through 23.0.19, where a remote attacker may exploit weaknesses in crypto-analysis to access sensitive data. This risk accentuates the need for vigilant security measures and targeted updates to safeguard valuable information from potential exposure.

Affected Version(s)

Robotic Process Automation 21.0.0 <= 21.0.7.19

Robotic Process Automation 23.0.0 <= 23.0.19

News Articles

GBHackers News

CVE-2024-51456

IBM Robotic Process Autmation Vulnerability Let Attackers Obtain Sensitive Data

A newly disclosed security vulnerability in IBM Robotic Process Automation (RPA) has raised concerns about potential data breaches.

References

https://www.ibm.com/support/pages/node/7180685

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit known to exist
Jan 13, 2025
📰
First article discovered by GBHackers News
Jan 13, 2025
Vulnerability published
Jan 12, 2025
Vulnerability Reserved
Oct 28, 2024

Key Information:

Badges

Summary

Affected Version(s)

Get notified when SecurityVulnerability.io launches alerting 🔔

News Articles

IBM Robotic Process Autmation Vulnerability Let Attackers Obtain Sensitive Data

References

CVSS V3.1

Timeline