Lucene search

[email protected]NVD:CVE-2022-22506

HistoryFeb 12, 2024 - 8:15 p.m.

CVE-2022-22506

2024-02-1220:15:08

CWE-200

[email protected]

web.nvd.nist.gov

ibm

robotic process automation

vulnerability

user ids

exposed

CVSS3

4.6

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

4.5

Confidence

High

EPSS

Percentile

15.5%

JSON

IBM Robotic Process Automation 21.0.2 contains a vulnerability that could allow user ids may be exposed across tenants. IBM X-Force ID: 227293.

Affected configurations

Nvd

Node

ibmrobotic_process_automationMatch21.0.2

VendorProductVersionCPE
ibmrobotic_process_automation21.0.2cpe:2.3:a:ibm:robotic_process_automation:21.0.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	robotic_process_automation	21.0.2	cpe:2.3:a:ibm:robotic_process_automation:21.0.2:::::::*

References

exchange.xforce.ibmcloud.com/vulnerabilities/227293

www.ibm.com/support/pages/node/6591237

CVSS3

4.6

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

4.5

Confidence

High

EPSS

Percentile

15.5%

JSON

Related for NVD:CVE-2022-22506

cve1 ibm1 prion1 cvelist1 vulnrichment1