Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IBM Robotic Process Automation privilege escalation
Vulnerability Description
IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a local user to escalate their privileges. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.exe service. A subsequent service or server restart will then run that binary with administrator privilege.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
不安全的继承权限
Vulnerability Title
IBM Robotic Process Automation 安全漏洞
Vulnerability Description
IBM Robotic Process Automation是美国国际商业机器(IBM)公司的一种机器人流程自动化产品。可帮助您以传统 RPA 的轻松和速度大规模自动化更多业务和 IT 流程。 IBM Robotic Process Automation 21.0.0版本至21.0.7.17版本和23.0.0版本至23.0.18版本存在安全漏洞,该漏洞源于可能允许本地用户提升其权限。
CVSS Information
N/A
Vulnerability Type
N/A