NotCVE - vendor:"Ibm" product:"Robotic Process Automation For Cloud Pak" version:"21.0.0"

Page 2 of 22 results (0.014 seconds)

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2023-22594 – IBM Robotic Process Automation for Cloud Pak cross-site scripting

https://notcve.org/view.php?id=CVE-2023-22594

18 Jan 2023 — IBM Robotic Process Automation for Cloud Pak 20.12.0 through 21.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244075. IBM Robotic Process Automation para Cloud Pak 20.12.0 a 21.0.4 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en l... • https://exchange.xforce.ibmcloud.com/vulnerabilities/244075 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2022-43573 – IBM Robotic Process Automation information disclosure

https://notcve.org/view.php?id=CVE-2022-43573

05 Jan 2023 — IBM Robotic Process Automation 20.12 through 21.0.6 is vulnerable to exposure of the name and email for the creator/modifier of platform level objects. IBM X-Force ID: 238678. • https://exchange.xforce.ibmcloud.com/vulnerabilities/238678 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 0

CVE-2022-41740 – IBM Robotic Process Automation information disclosure

https://notcve.org/view.php?id=CVE-2022-41740

05 Jan 2023 — IBM Robotic Process Automation 20.12 through 21.0.6 could allow an attacker with physical access to the system to obtain highly sensitive information from system memory. IBM X-Force ID: 238053. • https://exchange.xforce.ibmcloud.com/vulnerabilities/238053 • CWE-312: Cleartext Storage of Sensitive Information •

CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2022-43844 – IBM Robotic Process Automation for Cloud Pak session fixation

https://notcve.org/view.php?id=CVE-2022-43844

05 Jan 2023 — IBM Robotic Process Automation for Cloud Pak 20.12 through 21.0.3 is vulnerable to broken access control. A user is not correctly redirected to the platform log out screen when logging out of IBM RPA for Cloud Pak. IBM X-Force ID: 239081. • https://exchange.xforce.ibmcloud.com/vulnerabilities/239081 • CWE-613: Insufficient Session Expiration •

CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0

CVE-2022-38710 – IBM Robotic Process Automation information disclosure

https://notcve.org/view.php?id=CVE-2022-38710

03 Nov 2022 — IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version information that could aid in further attacks against the system. IBM X-Force ID: 234292. "IBM Robotic Process Automation 21.0.1 y 21.0.2 podrían revelar información confidencial de la versión que podría ayudar en futuros ataques contra el sistema. IBM X-Force ID: 234292". IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version to an unauthorized control sphere information that could aid in further at... • https://exchange.xforce.ibmcloud.com/vulnerabilities/234292 • CWE-312: Cleartext Storage of Sensitive Information CWE-319: Cleartext Transmission of Sensitive Information CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2022-43574

https://notcve.org/view.php?id=CVE-2022-43574

03 Nov 2022 — "IBM Robotic Process Automation 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to incorrect permission assignment which could allow access to application configurations. IBM X-Force ID: 238679." "IBM Robotic Process Automation 21.0.1, 21.0.2, 21.0.3, 21.0.4 y 21.0.5 es vulnerable a una asignación de permisos incorrecta que podría permitir el acceso a las configuraciones de la aplicación. ID de IBM X-Force: 238679". • https://www.ibm.com/support/pages/node/6831645 • CWE-276: Incorrect Default Permissions •

CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2022-42442 – IBM Robotic Process Automation for Cloud Pak information disclosure

https://notcve.org/view.php?id=CVE-2022-42442

03 Nov 2022 — IBM Robotic Process Automation for Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to exposure of the first tenant owner e-mail address to users with access to the container platform. IBM X-Force ID: 238214. IBM Robotic Process Automation para Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4 y 21.0.5 es vulnerable a la exposición de la dirección de correo electrónico del propietario del primer inquilino a los usuarios con acceso a la plataforma de contenedores. ID de IBM X-Force: 238214. • https://exchange.xforce.ibmcloud.com/vulnerabilities/238214 •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2022-36774

https://notcve.org/view.php?id=CVE-2022-36774

06 Oct 2022 — IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to man in the middle attacks through manipulation of the client proxy configuration. IBM X-Force ID: 233575. IBM Robotic Process Automation versiones 21.0.0, 21.0.1 y 21.0.2, es vulnerable a ataques de tipo man in the middle mediante la manipulación de la configuración del proxy del cliente. IBM X-Force ID: 233575 • https://exchange.xforce.ibmcloud.com/vulnerabilities/233575 •

CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0

CVE-2022-35280

https://notcve.org/view.php?id=CVE-2022-35280

10 Aug 2022 — IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 230634. IBM Robotic Process Automation versiones 21.0.0, 21.0.1 y 21.0.2, no exige que usuarios tengan contraseñas seguras por defecto, lo que facilita que atacantes puedan comprometer las cuentas de usuarios. IBM X-Force ID: 230634 • https://exchange.xforce.ibmcloud.com/vulnerabilities/230634 • CWE-521: Weak Password Requirements •

CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0

CVE-2022-22490

https://notcve.org/view.php?id=CVE-2022-22490

10 Aug 2022 — IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to obtain sensitive Azure bot credential information. IBM X-Force ID: 226342. IBM Robotic Process Automation versiones 21.0.0, 21.0.1 y 21.0.2, podría permitir a un usuario privilegiado obtener información confidencial de credenciales del bot de Azure. IBM X-Force ID: 226342 • https://exchange.xforce.ibmcloud.com/vulnerabilities/226342 • CWE-552: Files or Directories Accessible to External Parties •

1 2 3