Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Robotic_process_automation_for_cloud_pak
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 25 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-09-29 | CVE-2022-39168 | IBM Robotic Process Automation Clients are vulnerable to proxy credentials being exposed in upgrade logs. IBM X-Force ID: 235422. | Robotic_process_automation, Robotic_process_automation_for_cloud_pak, Robotic_process_automation_for_services | 7.5 | ||
| 2022-08-10 | CVE-2022-22490 | IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to obtain sensitive Azure bot credential information. IBM X-Force ID: 226342. | Robotic_process_automation, Robotic_process_automation_as_a_service, Robotic_process_automation_for_cloud_pak | 4.9 | ||
| 2022-08-10 | CVE-2022-35280 | IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 230634. | Robotic_process_automation_for_cloud_pak | 9.8 | ||
| 2022-06-24 | CVE-2022-22502 | IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 227124. | Robotic_process_automation, Robotic_process_automation_as_a_service, Robotic_process_automation_for_cloud_pak | 5.4 | ||
| 2022-06-24 | CVE-2022-33953 | IBM Robotic Process Automation 21.0.1 and 21.0.2 could allow a user with psychical access to the system to obtain sensitive information due to insufficiently protected access tokens. IBM X-Force ID: 229198. | Robotic_process_automation, Robotic_process_automation_as_a_service, Robotic_process_automation_for_cloud_pak | 4.6 |