Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Robotic_process_automation
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 41 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-03-15 | CVE-2023-22591 | IBM Robotic Process Automation 21.0.1 through 21.0.7 and 23.0.0 through 23.0.1 could allow a user with physical access to the system due to session tokens for not being invalidated after a password reset. IBM X-Force ID: 243710. | Robotic_process_automation, Robotic_process_automation_as_a_service | 3.2 | ||
| 2023-10-06 | CVE-2023-43058 | IBM Robotic Process Automation 23.0.9 is vulnerable to privilege escalation that affects ownership of projects. IBM X-Force ID: 247527. | Robotic_process_automation, Robotic_process_automation_for_cloud_pak | 9.8 | ||
| 2023-09-20 | CVE-2023-38718 | IBM Robotic Process Automation 21.0.0 through 21.0.7.8 could disclose sensitive information from access to RPA scripts, workflows and related data. IBM X-Force ID: 261606. | Robotic_process_automation | 5.3 | ||
| 2023-08-22 | CVE-2023-38732 | IBM Robotic Process Automation 21.0.0 through 21.0.7 server could allow an authenticated user to view sensitive information from application logs. IBM X-Force ID: 262289. | Robotic_process_automation, Robotic_process_automation_for_cloud_pak | 4.3 | ||
| 2023-08-22 | CVE-2023-38734 | IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 is vulnerable to incorrect privilege assignment when importing users from an LDAP directory. IBM X-Force ID: 262481. | Robotic_process_automation | 9.8 | ||
| 2023-08-22 | CVE-2023-38733 | IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 server could allow an authenticated user to view sensitive information from installation logs. IBM X-Force Id: 262293. | Robotic_process_automation | 4.3 | ||
| 2023-08-22 | CVE-2023-40370 | IBM Robotic Process Automation 21.0.0 through 21.0.7.1 runtime is vulnerable to information disclosure of script content if the remote REST request computer policy is enabled. IBM X-Force ID: 263470. | Robotic_process_automation, Robotic_process_automation_for_cloud_pak | 5.3 | ||
| 2022-05-09 | CVE-2022-22319 | IBM Robotic Process Automation 21.0.1 could allow a register user on the system to physically delete a queue that could cause disruption for any scripts dependent on the queue. IBM X-Force ID: 218366. | Robotic_process_automation, Robotic_process_automation_as_a_service | 5.4 | ||
| 2022-06-17 | CVE-2022-30607 | IBM Robotic Process Automation 20.10.0, 20.12.5, 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow a user to obtain sensitive information due to information properly masked in the control center UI. IBM X-Force ID: 227294. | Robotic_process_automation | 6.5 | ||
| 2022-06-20 | CVE-2022-22414 | IBM Robotic Process Automation 21.0.2 could allow a local user to obtain sensitive web service configuration credentials from system memory. IBM X-Force ID: 223026. | Robotic_process_automation | 5.5 |