CVE-2018-1877

Vulnerability

IBM Robotic Process Automation with Automation Anywhere version 11.0 stores highly sensitive information, including unencrypted passwords, in a manner that makes them available to a local user. The vulnerability exists because the application does not encrypt stored passwords, allowing anyone with local access to the system to read them [1].

Exploitation

To exploit this vulnerability, an attacker must have local access to the system where IBM Robotic Process Automation with Automation Anywhere 11.0 is installed. No authentication or user interaction is required beyond gaining local access. The attacker can then locate and read the unencrypted password files [1].

Impact

Successful exploitation leads to disclosure of sensitive information, specifically unencrypted passwords. This could enable further compromise of connected systems or services. The CVSS score is 6.2 (Medium) with a vector of AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N [1].

Mitigation

As of the available reference, IBM has not provided a workaround or mitigation for this vulnerability [1]. Users should monitor IBM's security advisories for a future fix. The product version 11.0 is the only affected version.