Lucene search

[email protected]NVD:CVE-2023-38718

HistorySep 20, 2023 - 8:15 p.m.

CVE-2023-38718

2023-09-2020:15:11

CWE-200

[email protected]

web.nvd.nist.gov

ibm

robotic process automation

sensitive information

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

4.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.1%

JSON

IBM Robotic Process Automation 21.0.0 through 21.0.7.8 could disclose sensitive information from access to RPA scripts, workflows and related data. IBM X-Force ID: 261606.

Affected configurations

NVD

Node

ibmrobotic_process_automationRange21.0.0–21.0.7.8

ibmrobotic_process_automationRange23.0.0–23.0.8

Node

ibmrobotic_process_automationRange21.0.0–21.0.7.8cloud_pak

ibmrobotic_process_automationRange23.0.0–23.0.8cloud_pak

References

exchange.xforce.ibmcloud.com/vulnerabilities/261606

www.ibm.com/support/pages/node/7031619

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

4.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.1%

JSON

Related for NVD:CVE-2023-38718

cve1 prion1 cvelist1 ibm1