Vulnerabilities > IBM > Robotic Process Automation > 21.0.7.6

DATE CVE VULNERABILITY TITLE RISK
2025-01-18 CVE-2024-51448 Insecure Inherited Permissions vulnerability in IBM Robotic Process Automation
IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a local user to escalate their privileges.
local
low complexity
ibm CWE-277
6.7
6.7
2025-01-12 CVE-2024-51456 Use of RSA Algorithm without OAEP vulnerability in IBM Robotic Process Automation
IBM Robotic Process Automation 21.0.0 through 21.0.7.19 and 23.0.0 through 23.0.19 could allow a remote attacker to obtain sensitive data that may be exposed through certain crypto-analytic attacks.
network
high complexity
ibm CWE-780
5.9
5.9
2023-09-20 CVE-2023-38718 Unspecified vulnerability in IBM Robotic Process Automation
IBM Robotic Process Automation 21.0.0 through 21.0.7.8 could disclose sensitive information from access to RPA scripts, workflows and related data.
network
low complexity
ibm
5.3
5.3
2023-08-02 CVE-2023-23476 Unspecified vulnerability in IBM products
IBM Robotic Process Automation 21.0.0 through 21.0.7.latest is vulnerable to unauthorized access to data due to insufficient authorization validation on some API routes.
network
low complexity
ibm
6.5
6.5
2023-07-17 CVE-2023-35901 Improper Authentication vulnerability in IBM products
IBM Robotic Process Automation 21.0.0 through 21.0.7.6 and 23.0.0 through 23.0.6 is vulnerable to client side validation bypass which could allow invalid changes or values in some fields.
network
low complexity
ibm CWE-287
5.3
5.3