Lucene search

IbmCVELIST:CVE-2022-22505

HistoryJul 29, 2022 - 12:00 a.m.

CVE-2022-22505

2022-07-2900:00:00

ibm

www.cve.org

ibm

robotic process automation

credentials

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.3%

JSON

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow IBM tenant credentials to be exposed. IBM X-Force ID: 227288.

CNA Affected

[
  {
    "product": "Robotic Process Automation",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "21.0.0"
      },
      {
        "status": "affected",
        "version": "21.0.1"
      },
      {
        "status": "affected",
        "version": "21.0.2"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/227288

www.ibm.com/support/pages/node/6608404

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.3%

JSON

Related for CVELIST:CVE-2022-22505