Summary: A newly disclosed vulnerability in IBM Robotic Process Automation (RPA), tracked as CVE-2024-51456, poses a risk of data breaches due to cryptographic weaknesses. IBM has released a security bulletin with remediation measures to mitigate the threat.
Threat Actor: Unknown
Victim: IBM
Key Points:
- The vulnerability allows remote attackers to exploit cryptographic weaknesses in the RSA algorithm.
- It has a CVSS Base Score of 5.9, indicating moderate severity, with the impact primarily on confidentiality.
- Affected versions include IBM RPA 21.0.0 – 21.0.7.19 and 23.0.0 – 23.0.19.
- Users are advised to upgrade to version 23.0.20 or later to eliminate the risk.
- IBM has provided mitigation steps for older versions until users can upgrade.
Source: https://gbhackers.com/ibm-robotic-process-autmation-vulnerability/