CVE-2024-51456
EUVD-2024-4577812.01.2025, 14:15
IBM Robotic Process Automation 21.0.0 through 21.0.7.19 and 23.0.0 through 23.0.19 could allow a remote attacker to obtain sensitive data that may be exposed through certain crypto-analytic attacks.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| ibm | robotic_process_automation | 21.0.0 ≤ 𝑥 ≤ 21.0.7.19 |
| ibm | robotic_process_automation | 23.0.0 ≤ 𝑥 ≤ 23.0.19 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-780 - Use of RSA Algorithm without OAEPThe software uses the RSA algorithm but does not incorporate Optimal Asymmetric Encryption Padding (OAEP), which might weaken the encryption.
- CWE-327 - Use of a Broken or Risky Cryptographic AlgorithmThe use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.