CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22592 – IBM Robotic Process Automation for Cloud Pak insufficient permission settings
https://notcve.org/view.php?id=CVE-2023-22592
IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.4 could allow a local user to perform unauthorized actions due to insufficient permission settings. IBM X-Force ID: 244073. IBM Robotic Process Automation para Cloud Pak 21.0.1 a 21.0.4 podría permitir que un usuario local realice acciones no autorizadas debido a una configuración de permisos insuficiente. ID de IBM X-Force: 244073. • https://exchange.xforce.ibmcloud.com/vulnerabilities/244073 https://www.ibm.com/support/pages/node/6855839 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2022-43573 – IBM Robotic Process Automation information disclosure
https://notcve.org/view.php?id=CVE-2022-43573
IBM Robotic Process Automation 20.12 through 21.0.6 is vulnerable to exposure of the name and email for the creator/modifier of platform level objects. IBM X-Force ID: 238678. • https://exchange.xforce.ibmcloud.com/vulnerabilities/238678 https://www.ibm.com/support/pages/node/6852655 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2022-41740 – IBM Robotic Process Automation information disclosure
https://notcve.org/view.php?id=CVE-2022-41740
IBM Robotic Process Automation 20.12 through 21.0.6 could allow an attacker with physical access to the system to obtain highly sensitive information from system memory. IBM X-Force ID: 238053. • https://exchange.xforce.ibmcloud.com/vulnerabilities/238053 https://www.ibm.com/support/pages/node/6852657 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-43844 – IBM Robotic Process Automation for Cloud Pak session fixation
https://notcve.org/view.php?id=CVE-2022-43844
IBM Robotic Process Automation for Cloud Pak 20.12 through 21.0.3 is vulnerable to broken access control. A user is not correctly redirected to the platform log out screen when logging out of IBM RPA for Cloud Pak. IBM X-Force ID: 239081. • https://exchange.xforce.ibmcloud.com/vulnerabilities/239081 https://www.ibm.com/support/pages/node/6852663 • CWE-613: Insufficient Session Expiration •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-38710 – IBM Robotic Process Automation information disclosure
https://notcve.org/view.php?id=CVE-2022-38710
IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version information that could aid in further attacks against the system. IBM X-Force ID: 234292. "IBM Robotic Process Automation 21.0.1 y 21.0.2 podrían revelar información confidencial de la versión que podría ayudar en futuros ataques contra el sistema. IBM X-Force ID: 234292". IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version to an unauthorized control sphere information that could aid in further attacks against the system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/234292 https://www.ibm.com/support/pages/node/6831681 • CWE-312: Cleartext Storage of Sensitive Information CWE-319: Cleartext Transmission of Sensitive Information CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •