CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22506 – IBM Robotic Process Automation information disclosure
https://notcve.org/view.php?id=CVE-2022-22506
IBM Robotic Process Automation 21.0.2 contains a vulnerability that could allow user ids may be exposed across tenants. IBM X-Force ID: 227293. IBM Robotic Process Automation 21.0.2 contiene una vulnerabilidad que podría permitir que los ID de usuario queden expuestos entre inquilinos. ID de IBM X-Force: 227293. • https://exchange.xforce.ibmcloud.com/vulnerabilities/227293 https://www.ibm.com/support/pages/node/6591237 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-45189 – IBM Robotic Process Automation information disclosure
https://notcve.org/view.php?id=CVE-2023-45189
A vulnerability in IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.10, 23.0.0 through 23.0.10 may result in access to client vault credentials. This difficult to exploit vulnerability could allow a low privileged attacker to programmatically access client vault credentials. IBM X-Force ID: 268752. Una vulnerabilidad en IBM Robotic Process Automation e IBM Robotic Process Automation para Cloud Pak 21.0.0 a 21.0.7.10, 23.0.0 a 23.0.10 puede provocar acceso a las credenciales de la bóveda del cliente. Esta vulnerabilidad difícil de explotar podría permitir que un atacante con pocos privilegios acceda mediante programación a las credenciales de la bóveda del cliente. • https://exchange.xforce.ibmcloud.com/vulnerabilities/268752 https://www.ibm.com/support/pages/node/7065204 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-43058 – IBM Robotic Process Automation privilege escalation
https://notcve.org/view.php?id=CVE-2023-43058
IBM Robotic Process Automation 23.0.9 is vulnerable to privilege escalation that affects ownership of projects. IBM X-Force ID: 247527. IBM Robotic Process Automation 23.0.9 es vulnerable a la escalada de privilegios que afecta la propiedad de los proyectos. ID de IBM X-Force: 247527. • https://exchange.xforce.ibmcloud.com/vulnerabilities/267527 https://www.ibm.com/support/pages/node/7047017 •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-38718 – IBM Robotic Process Automation information disclosure
https://notcve.org/view.php?id=CVE-2023-38718
IBM Robotic Process Automation 21.0.0 through 21.0.7.8 could disclose sensitive information from access to RPA scripts, workflows and related data. IBM X-Force ID: 261606. IBM Robotic Process Automation 21.0.0 a 21.0.7.8 podría revelar información sensible procedente del acceso a scripts de RPA, flujos de trabajo y datos relacionados. ID de IBM X-Force: 261606. • https://exchange.xforce.ibmcloud.com/vulnerabilities/261606 https://www.ibm.com/support/pages/node/7031619 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40370 – IBM Robotic Process Automation information disclosure
https://notcve.org/view.php?id=CVE-2023-40370
IBM Robotic Process Automation 21.0.0 through 21.0.7.1 runtime is vulnerable to information disclosure of script content if the remote REST request computer policy is enabled. IBM X-Force ID: 263470. • https://exchange.xforce.ibmcloud.com/vulnerabilities/263470 https://www.ibm.com/support/pages/node/7028218 •