Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Robotic Process Automation As A Service Security Vulnerabilities - 2023

cve
cve

CVE-2022-43573

IBM Robotic Process Automation 20.12 through 21.0.6 is vulnerable to exposure of the name and email for the creator/modifier of platform level objects. IBM X-Force ID: 238678.

5.3CVSS

5.2AI Score

0.001EPSS

2023-01-05 06:15 PM
56
cve
cve

CVE-2022-46773

IBM Robotic Process Automation 21.0.0 - 21.0.7 and 23.0.0 is vulnerable to client-side validation bypass for credential pools. Invalid credential pools may be created as a result. IBM X-Force ID: 242951.

6.5CVSS

6.3AI Score

0.0005EPSS

2023-03-15 08:15 PM
33
cve
cve

CVE-2023-22591

IBM Robotic Process Automation 21.0.1 through 21.0.7 and 23.0.0 through 23.0.1 could allow a user with physical access to the system due to session tokens for not being invalidated after a password reset. IBM X-Force ID: 243710.

3.9CVSS

4AI Score

0.001EPSS

2023-03-15 09:15 PM
31
cve
cve

CVE-2023-22594

IBM Robotic Process Automation for Cloud Pak 20.12.0 through 21.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS

5.2AI Score

0.001EPSS

2023-01-18 07:15 PM
31
cve
cve

CVE-2023-22863

IBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when the prefix is not explicitly specified in the URL. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 244109.

5.9CVSS

5.4AI Score

0.001EPSS

2023-01-18 07:15 PM
32
cve
cve

CVE-2023-25680

IBM Robotic Process Automation 21.0.1 through 21.0.5 is vulnerable to insufficiently protecting credentials. Queue Provider credentials are not obfuscated while editing queue provider details. IBM X-Force ID: 247032.

6.5CVSS

6.3AI Score

0.001EPSS

2023-03-15 08:15 PM
34
cve
cve

CVE-2023-35900

IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.4 and 23.0.0 through 23.0.5 is vulnerable to disclosing server version information which may be used to determine software vulnerabilities at the operating system level. IBM X-Force ID: 259368.

5.3CVSS

5.2AI Score

0.001EPSS

2023-07-19 01:15 AM
30
cve
cve

CVE-2023-35901

IBM Robotic Process Automation 21.0.0 through 21.0.7.6 and 23.0.0 through 23.0.6 is vulnerable to client side validation bypass which could allow invalid changes or values in some fields. IBM X-Force ID: 259380.

5.3CVSS

5.2AI Score

0.001EPSS

2023-07-17 12:15 AM
34