Ibm Robotic Process Automation As A Service — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Robotic Process Automation As A Service, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (17)
CVE-2022-22433 — CVSS 7.5 (high): IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to External Service Interaction attack, caused by improper validation of…
CVE-2022-22503 — CVSS 6.1 (medium): IBM Robotic Process Automation 21.0.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to…
CVE-2023-22863 — CVSS 5.9 (medium): IBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when the prefix is not explicitly specified in…
CVE-2022-22319 — CVSS 5.4 (medium): IBM Robotic Process Automation 21.0.1 could allow a register user on the system to physically delete a queue that could cause disruption…
CVE-2022-22502 — CVSS 5.4 (medium): IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2022-38710 — CVSS 5.3 (medium): IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version to an unauthorized control sphere information that could…
CVE-2022-36774 — CVSS 5.3 (medium): IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to man in the middle attacks through manipulation of the client…
CVE-2022-22490 — CVSS 4.9 (medium): IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to obtain sensitive Azure bot credential…
CVE-2022-33953 — CVSS 4.6 (medium): IBM Robotic Process Automation 21.0.1 and 21.0.2 could allow a user with psychical access to the system to obtain sensitive information due…
CVE-2023-22594 — CVSS 4.6 (medium): IBM Robotic Process Automation for Cloud Pak 20.12.0 through 21.0.4 is vulnerable to cross-site scripting. This vulnerability allows users…
CVE-2022-22434 — CVSS 4.6 (medium): IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user with physical access to create an API request modified to…
CVE-2023-35900 — CVSS 4.3 (medium): IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.4 and 23.0.0 through 23.0.5 is vulnerable to disclosing server version…
CVE-2022-46773 — CVSS 4.3 (medium): IBM Robotic Process Automation 21.0.0 - 21.0.7 and 23.0.0 is vulnerable to client-side validation bypass for credential pools. Invalid…
CVE-2023-25680 — CVSS 4.2 (medium): IBM Robotic Process Automation 21.0.1 through 21.0.5 is vulnerable to insufficiently protecting credentials. Queue Provider credentials are…
CVE-2023-22591 — CVSS 3.9 (low): IBM Robotic Process Automation 21.0.1 through 21.0.7 and 23.0.0 through 23.0.1 could allow a user with physical access to the system due to…
CVE-2022-43573 — CVSS 3.1 (low): IBM Robotic Process Automation 20.12 through 21.0.6 is vulnerable to exposure of the name and email for the creator/modifier of platform…
CVE-2023-35901 — CVSS 2.7 (low): IBM Robotic Process Automation 21.0.0 through 21.0.7.6 and 23.0.0 through 23.0.6 is vulnerable to client side validation bypass which could…