{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T07:38:30.226","vulnerabilities":[{"cve":{"id":"CVE-2024-51448","sourceIdentifier":"psirt@us.ibm.com","published":"2025-01-18T15:15:08.183","lastModified":"2025-03-25T14:06:48.877","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a local user to escalate their privileges. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.exe service. A subsequent service or server restart will then run that binary with administrator privilege."},{"lang":"es","value":"IBM Robotic Process Automation 21.0.0 a 21.0.7.17 y 23.0.0 a 23.0.18 podrían permitir que un usuario local aumente sus privilegios. Todos los archivos de la instalación heredan los permisos de archivo del directorio principal y, por lo tanto, un usuario sin privilegios puede sustituir cualquier ejecutable por el servicio nssm.exe. Un reinicio posterior del servicio o del servidor ejecutará ese binario con privilegios de administrador."}],"metrics":{"cvssMetricV31":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}]},"weaknesses":[{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-277"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:robotic_process_automation:*:*:*:*:*:*:*:*","versionStartIncluding":"21.0.0","versionEndIncluding":"21.0.7.17","matchCriteriaId":"DD5A94A8-24DB-4F6F-A629-031BD4BDB7F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:robotic_process_automation:*:*:*:*:*:*:*:*","versionStartIncluding":"23.0.0","versionEndIncluding":"23.0.18","matchCriteriaId":"4641E270-157D-4040-901F-8EC5BC13961C"}]}]}],"references":[{"url":"https://www.ibm.com/support/pages/node/7177586","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]}]}}]}