IBM Robotic Process Automation
By the Year
In 2022 there have been 8 vulnerabilities in IBM Robotic Process Automation with an average score of 6.5 out of ten. Robotic Process Automation did not have any published security vulnerabilities last year. That is, 8 more vulnerabilities have already been reported in 2022 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2022 | 8 | 6.48 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Robotic Process Automation vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Robotic Process Automation Security Vulnerabilities
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could
CVE-2022-30616
7.2 - High
- August 01, 2022
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to elevate their privilege to platform administrator through manipulation of APIs. IBM X-Force ID: 227978.
Improper Privilege Management
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow IBM tenant credentials to be exposed
CVE-2022-22505
7.5 - High
- August 01, 2022
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow IBM tenant credentials to be exposed. IBM X-Force ID: 227288.
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could
CVE-2022-22334
4.3 - Medium
- August 01, 2022
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user to access information from a tenant of which they should not have access. IBM X-Force ID: 219391.
Exposure of Resource to Wrong Sphere
IBM Robotic Process Automation 21.0.0
CVE-2022-34338
6.5 - Medium
- August 01, 2022
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could disclose sensitive information due to improper privilege management for storage provider types. IBM X-Force ID: 229962.
Improper Privilege Management
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to insufficiently protected credentials for users created
CVE-2022-33169
6.5 - Medium
- August 01, 2022
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to insufficiently protected credentials for users created via a bulk upload. IBM X-Force ID: 228888.
Insufficiently Protected Credentials
IBM Robotic Process Automation 21.0.1 and 21.0.2 could
CVE-2022-33953
4.6 - Medium
- June 24, 2022
IBM Robotic Process Automation 21.0.1 and 21.0.2 could allow a user with psychical access to the system to obtain sensitive information due to insufficiently protected access tokens. IBM X-Force ID: 229198.
Insufficiently Protected Credentials
IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to cross-site scripting
CVE-2022-22502
5.4 - Medium
- June 24, 2022
IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 227124.
XSS
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to SQL injection
CVE-2022-22413
9.8 - Critical
- May 12, 2022
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 223022.
SQL Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM Robotic Process Automation or by IBM? Click the Watch button to subscribe.
