- Description
- IBM Robotic Process Automation 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 and IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 could allow an authenticated user to perform unauthorized actions as a privileged user due to improper validation of client-side security enforcement.
- Source
- psirt@us.ibm.com
- NVD status
- Received
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
- Severity
- MEDIUM
- psirt@us.ibm.com
- CWE-602
- Hype score
- Not currently trending
New post from https://t.co/uXvPWJy6tj (CVE-2024-49824 | IBM Robotic Process Automation up to 21.0.7.18/23.0.18 client-side enforcement of server-side security) has been published on https://t.co/y5v1gVdQ5e
@WolfgangSesin
18 Jan 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-49824 Unauthorized Privileged Actions in IBM RPA Due to Security Flaw https://t.co/l9jI3CM4Vo
@VulmonFeeds
18 Jan 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes