CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2022-43573 – IBM Robotic Process Automation information disclosure
https://notcve.org/view.php?id=CVE-2022-43573
IBM Robotic Process Automation 20.12 through 21.0.6 is vulnerable to exposure of the name and email for the creator/modifier of platform level objects. IBM X-Force ID: 238678. • https://exchange.xforce.ibmcloud.com/vulnerabilities/238678 https://www.ibm.com/support/pages/node/6852655 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2022-41740 – IBM Robotic Process Automation information disclosure
https://notcve.org/view.php?id=CVE-2022-41740
IBM Robotic Process Automation 20.12 through 21.0.6 could allow an attacker with physical access to the system to obtain highly sensitive information from system memory. IBM X-Force ID: 238053. • https://exchange.xforce.ibmcloud.com/vulnerabilities/238053 https://www.ibm.com/support/pages/node/6852657 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-43574
https://notcve.org/view.php?id=CVE-2022-43574
"IBM Robotic Process Automation 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to incorrect permission assignment which could allow access to application configurations. IBM X-Force ID: 238679." "IBM Robotic Process Automation 21.0.1, 21.0.2, 21.0.3, 21.0.4 y 21.0.5 es vulnerable a una asignación de permisos incorrecta que podría permitir el acceso a las configuraciones de la aplicación. ID de IBM X-Force: 238679". • https://www.ibm.com/support/pages/node/6831645 • CWE-276: Incorrect Default Permissions •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-42442 – IBM Robotic Process Automation for Cloud Pak information disclosure
https://notcve.org/view.php?id=CVE-2022-42442
IBM Robotic Process Automation for Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to exposure of the first tenant owner e-mail address to users with access to the container platform. IBM X-Force ID: 238214. IBM Robotic Process Automation para Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4 y 21.0.5 es vulnerable a la exposición de la dirección de correo electrónico del propietario del primer inquilino a los usuarios con acceso a la plataforma de contenedores. ID de IBM X-Force: 238214. • https://exchange.xforce.ibmcloud.com/vulnerabilities/238214 https://www.ibm.com/support/pages/node/6831787 •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-39168
https://notcve.org/view.php?id=CVE-2022-39168
IBM Robotic Process Automation Clients are vulnerable to proxy credentials being exposed in upgrade logs. IBM X-Force ID: 235422. IBM Robotic Process Automation Clients son vulnerables a una exposición de credenciales de proxy en los registros de actualización. IBM X-Force ID: 235422 • https://exchange.xforce.ibmcloud.com/vulnerabilities/235422 https://www.ibm.com/support/pages/node/6824885 • CWE-522: Insufficiently Protected Credentials •