Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM46657F1D8C262DCFE8EB264814C611FE7262CB96EAF8ADFBE757A107ECCA069D
HistoryOct 11, 2022 - 3:35 p.m.

Security Bulletin: IBM Robotic Process Automation is vulnerable to insufficient protection of credentials created in the control center.

2022-10-1115:35:17
www.ibm.com
10
ibm robotic process automation
insufficient protection
credentials
control center
vulnerability
cloud pak
remediation
update
instructions
JSON

Summary

IBM Robotic Process Automation is vulnerable to insufficient protection of credentials created in the control center.

Vulnerability Details

CVEID:CVE-2022-41293
**DESCRIPTION:**IBM Robotic Process Automation is vulnerable to insufficient protection of credentials created in the control center.
CVSS Base score: 4.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/236806 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Robotic Process Automation for Cloud Pak < 21.0.3
IBM Robotic Process Automation as a Service < 21.0.3
IBM Robotic Process Automation < 21.0.3

Remediation/Fixes

IBM strongly recommends addressing the vulnerability now.

Product(s) **Version(s) number and/or range ** Remediation/Fix/Instructions
IBM Robotic Process Automation < 21.0.3 Download 21.0.3 or higher, and follow instructions.
IBM Robotic Process Automation for Cloud Pak < 21.0.3 Update to 21.0.3 or higher using the following instructions.
IBM Robotic Process Automation as a Service < 21.0.3 All IBM Robotic Process Automation as a Service servers have been updated to 21.0.3 or higher.

Workarounds and Mitigations

None

Affected configurations

Vulners
Node
ibmrobotic_process_automationMatch21.0.0
OR
ibmrobotic_process_automationMatch21.0.1
OR
ibmrobotic_process_automationMatch21.0.2
VendorProductVersionCPE
ibmrobotic_process_automation21.0.0cpe:2.3:a:ibm:robotic_process_automation:21.0.0:*:*:*:*:*:*:*
ibmrobotic_process_automation21.0.1cpe:2.3:a:ibm:robotic_process_automation:21.0.1:*:*:*:*:*:*:*
ibmrobotic_process_automation21.0.2cpe:2.3:a:ibm:robotic_process_automation:21.0.2:*:*:*:*:*:*:*

Related

cve 1
cve
cve
CVE-2022-41293
2022-10-11 20:07:30
JSON
Related for 46657F1D8C262DCFE8EB264814C611FE7262CB96EAF8ADFBE757A107ECCA069D
cve1