Page 2 of 9 results (0.004 seconds)

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to insufficient security configuration which may allow creation of namespaces within a cluster. IBM X-Force ID: 244500. • https://exchange.xforce.ibmcloud.com/vulnerabilities/244500 https://www.ibm.com/support/pages/node/7005999 •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to security misconfiguration of the Redis container which may provide elevated privileges. IBM X-Force ID: 244074. • https://exchange.xforce.ibmcloud.com/vulnerabilities/244074 https://www.ibm.com/support/pages/node/7006001 • CWE-863: Incorrect Authorization •

CVSS: 3.9EPSS: 0%CPEs: 3EXPL: 0

IBM Robotic Process Automation 21.0.1 through 21.0.7 and 23.0.0 through 23.0.1 could allow a user with physical access to the system due to session tokens for not being invalidated after a password reset. IBM X-Force ID: 243710. • https://exchange.xforce.ibmcloud.com/vulnerabilities/243710 https://www.ibm.com/support/pages/node/6962175 • CWE-613: Insufficient Session Expiration •

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0

IBM Robotic Process Automation 21.0.0 - 21.0.7 and 23.0.0 is vulnerable to client-side validation bypass for credential pools. Invalid credential pools may be created as a result. IBM X-Force ID: 242951. • https://exchange.xforce.ibmcloud.com/vulnerabilities/242951 https://www.ibm.com/support/pages/node/6962155 • CWE-287: Improper Authentication •