Unrated severityNVD Advisory· Published Jan 18, 2025· Updated Jan 21, 2025

IBM Robotic Process Automation security bypass

CVE-2024-49824

Description

IBM Robotic Process Automation 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 and

IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18

could allow an authenticated user to perform unauthorized actions as a privileged user due to improper validation of client-side security enforcement.

Affected products

IBM/Robotic Process Automationcpe-rescue3 versions
cpe:2.3:a:ibm:robotic_process_automation:21.0.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:ibm:robotic_process_automation:21.0.1:*:*:*:*:*:*:*range: 21.0.0
- (no CPE)range: 21.0.0 to 21.0.7.18, 23.0.0 to 23.0.18
- (no CPE)range: 21.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.ibm.com/support/pages/node/7177587mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000