CVE-2022-22490
https://notcve.org/view.php?id=CVE-2022-22490
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to obtain sensitive Azure bot credential information. IBM X-Force ID: 226342. IBM Robotic Process Automation versiones 21.0.0, 21.0.1 y 21.0.2, podría permitir a un usuario privilegiado obtener información confidencial de credenciales del bot de Azure. IBM X-Force ID: 226342 • https://exchange.xforce.ibmcloud.com/vulnerabilities/226342 https://www.ibm.com/support/pages/node/6610397 • CWE-552: Files or Directories Accessible to External Parties •
CVE-2022-34338
https://notcve.org/view.php?id=CVE-2022-34338
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could disclose sensitive information due to improper privilege management for storage provider types. IBM X-Force ID: 229962. IBM Robotic Process Automation versiones 21.0.0, 21.0.1 y 21.0.2, podría divulgar información confidencial debido a una administración inapropiada de los privilegios para los tipos de proveedores de almacenamiento. IBM X-Force ID: 229962 • https://exchange.xforce.ibmcloud.com/vulnerabilities/229962 https://www.ibm.com/support/pages/node/6608606 • CWE-269: Improper Privilege Management •
CVE-2022-33169
https://notcve.org/view.php?id=CVE-2022-33169
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to insufficiently protected credentials for users created via a bulk upload. IBM X-Force ID: 228888. IBM Robotic Process Automation versiones 21.0.0, 21.0.1 y 21.0.2, es vulnerable a credenciales protegidas insuficientemente para usuarios creados por medio de una carga masiva. IBM X-Force ID: 228888 • https://exchange.xforce.ibmcloud.com/vulnerabilities/228888 https://www.ibm.com/support/pages/node/6608454 • CWE-522: Insufficiently Protected Credentials •
CVE-2022-30616
https://notcve.org/view.php?id=CVE-2022-30616
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to elevate their privilege to platform administrator through manipulation of APIs. IBM X-Force ID: 227978. IBM Robotic Process Automation versiones 21.0.0, 21.0.1 y 21.0.2, podría permitir a un usuario privilegiado elevar los privilegios a administrador de la plataforma mediante la manipulación de las API. IBM X-Force ID: 227978 • https://exchange.xforce.ibmcloud.com/vulnerabilities/227978 https://www.ibm.com/support/pages/node/6608430 •
CVE-2022-22505
https://notcve.org/view.php?id=CVE-2022-22505
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow IBM tenant credentials to be exposed. IBM X-Force ID: 227288. IBM Robotic Process Automation versiones 21.0.0, 21.0.1 y 21.0.2, contiene una vulnerabilidad que podría permitir la exposición de las credenciales de los inquilinos de IBM. IBM X-Force ID: 227288 • https://exchange.xforce.ibmcloud.com/vulnerabilities/227288 https://www.ibm.com/support/pages/node/6608404 •