CVE-2024-51456

Name of the Vulnerable Software and Affected Versions IBM Robotic Process Automation versions 21.0.0 through 21.0.7.19 IBM Robotic Process Automation versions 23.0.0 through 23.0.19

Description The issue is related to the use of the RSA algorithm without OAEP, which could allow a remote attacker to obtain sensitive data through certain crypto-analytic attacks. This vulnerability may potentially be exploited by attackers to gain access to sensitive information.

Recommendations For IBM Robotic Process Automation versions 21.0.0 through 21.0.7.19, consider disabling the use of the RSA algorithm without OAEP as a temporary workaround until a patch is available. For IBM Robotic Process Automation versions 23.0.0 through 23.0.19, consider disabling the use of the RSA algorithm without OAEP as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.