VYPR

Robotic Process Automation for Cloud Pak

by IBM

CVEs (8)

  • CVE-2022-43844HigJan 5, 2023
    risk 0.57cvss 8.8epss 0.01

    IBM Robotic Process Automation for Cloud Pak 20.12 through 21.0.3 is vulnerable to broken access control. A user is not correctly redirected to the platform log out screen when logging out of IBM RPA for Cloud Pak. IBM X-Force ID: 239081.

  • CVE-2023-45189MedNov 3, 2023
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.10, 23.0.0 through 23.0.10 may result in access to client vault credentials. This difficult to exploit vulnerability could allow a low privileged attacker to…

  • CVE-2023-23468MedJun 27, 2023
    risk 0.33cvss 5.1epss 0.00

    IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to insufficient security configuration which may allow creation of namespaces within a cluster. IBM X-Force ID: 244500.

  • CVE-2023-22594MedJan 18, 2023
    risk 0.30cvss 4.6epss 0.00

    IBM Robotic Process Automation for Cloud Pak 20.12.0 through 21.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure…

  • CVE-2023-35900MedJul 19, 2023
    risk 0.28cvss 4.3epss 0.00

    IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.4 and 23.0.0 through 23.0.5 is vulnerable to disclosing server version information which may be used to determine software vulnerabilities at the operating system level. IBM X-Force ID: 259368.

  • CVE-2023-22593MedJun 27, 2023
    risk 0.26cvss 4.0epss 0.00

    IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to security misconfiguration of the Redis container which may provide elevated privileges. IBM X-Force ID: 244074.

  • CVE-2023-22592MedJan 18, 2023
    risk 0.26cvss 4.0epss 0.00

    IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.4 could allow a local user to perform unauthorized actions due to insufficient permission settings. IBM X-Force ID: 244073.

  • CVE-2022-42442LowNov 3, 2022
    risk 0.21cvss 3.3epss 0.00

    IBM Robotic Process Automation for Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to exposure of the first tenant owner e-mail address to users with access to the container platform. IBM X-Force ID: 238214.