Lucene search

IbmCVELIST:CVE-2022-41740

HistoryJan 05, 2023 - 5:30 p.m.

CVE-2022-41740 IBM Robotic Process Automation information disclosure

2023-01-0517:30:38

ibm

www.cve.org

ibm

robotic process automation

information disclosure

vulnerability

system memory.

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

4.4 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.0%

JSON

IBM Robotic Process Automation 20.12 through 21.0.6 could allow an attacker with physical access to the system to obtain highly sensitive information from system memory. IBM X-Force ID: 238053.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Robotic Process Automation",
    "vendor": "IBM",
    "versions": [
      {
        "lessThan": "21.0.6",
        "status": "affected",
        "version": "20.12",
        "versionType": "semver"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/238053

www.ibm.com/support/pages/node/6852657

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

4.4 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.0%

JSON

Related for CVELIST:CVE-2022-41740