Lucene search
HistoryAug 10, 2022 - 5:15 p.m.
CVE-2022-35280
ibm robotic process automation
weak passwords
user accounts
security vulnerability
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.003
Percentile
66.1%
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 230634.
Affected configurations
Node
ibmrobotic_process_automation_for_cloud_pakMatch21.0.0
ORibmrobotic_process_automation_for_cloud_pakMatch21.0.1
ORibmrobotic_process_automation_for_cloud_pakMatch21.0.2
microsoftwindowsMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | robotic_process_automation_for_cloud_pak | 21.0.0 | cpe:2.3:a:ibm:robotic_process_automation_for_cloud_pak:21.0.0:*:*:*:*:*:*:* |
| ibm | robotic_process_automation_for_cloud_pak | 21.0.1 | cpe:2.3:a:ibm:robotic_process_automation_for_cloud_pak:21.0.1:*:*:*:*:*:*:* |
| ibm | robotic_process_automation_for_cloud_pak | 21.0.2 | cpe:2.3:a:ibm:robotic_process_automation_for_cloud_pak:21.0.2:*:*:*:*:*:*:* |
| microsoft | windows | - | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
Related
cnvd
cnvd
prion
prion
Default credentials
2022-08-10 17:15:00
cvelist
cvelist
CVE-2022-35280
2022-08-10 16:50:30
ibm
ibm
cve
cve
CVE-2022-35280
2022-08-10 17:15:09
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.003
Percentile
66.1%
Related for NVD:CVE-2022-35280