A recent security vulnerability, identified as CVE-2024-6922, affects Automation Anywhere's Automation 360, a popular Robotic Process Automation suite. The vulnerability is a Server-Side Request Forgery (SSRF): an unauthenticated attacker who can reach the Automation 360 Control Room HTTPS service (port 443) or HTTP service (port 80) can cause the server to issue arbitrary web requests on their behalf.
The issue was discovered by Ryan Emmons, a Lead Security Researcher at Rapid7, who worked closely with Automation Anywhere to address and mitigate the vulnerability. The timeline began with Rapid7 contacting Automation Anywhere on June 17, 2024, and culminated in the public disclosure of the vulnerability on July 26, 2024. It's noteworthy that Automation Anywhere had already addressed this issue in version 33 of their product, released on June 17, 2024, prior to receiving the report from Rapid7.
Customers using Rapid7's InsightVM and Nexpose products can assess their exposure to CVE-2024-6922 through a vulnerability check included in the content release of July 26, 2024. To protect against this vulnerability, Automation Anywhere advises upgrading to Automation 360 v.33, where, according to their release notes, the issue has been resolved.
#cybersecurity #automation360 #vulnerability #automationanywhere #ssrf #serversiderequestforgery #devsecops #networksecurity #https #http #infosec #rapid7