IBM Robotic Process Automation 21.0.7.17

CPE Details

IBM Robotic Process Automation 21.0.7.17
ibm
robotic_process_automation
21.0.7.17
2025-04-03
16h51 +00:00
2025-04-03
16h51 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:robotic_process_automation:21.0.7.17:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

robotic_process_automation

Version

21.0.7.17

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-51448 2025-01-18 15h08 +00:00 IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a local user to escalate their privileges. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.exe service. A subsequent service or server restart will then run that binary with administrator privilege.
6.7
Medium
CVE-2024-51456 2025-01-12 13h26 +00:00 IBM Robotic Process Automation 21.0.0 through 21.0.7.19 and 23.0.0 through 23.0.19 could allow a remote attacker to obtain sensitive data that may be exposed through certain crypto-analytic attacks.
5.9
Medium
CVE-2023-23476 2023-08-02 14h40 +00:00 IBM Robotic Process Automation 21.0.0 through 21.0.7.latest is vulnerable to unauthorized access to data due to insufficient authorization validation on some API routes. IBM X-Force ID: 245425.
6.5
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.