Robotic Process Automation IBM Robotic Process Automation

Do you want an email whenever new security vulnerabilities are reported in IBM Robotic Process Automation?

By the Year

In 2022 there have been 8 vulnerabilities in IBM Robotic Process Automation with an average score of 6.5 out of ten. Robotic Process Automation did not have any published security vulnerabilities last year. That is, 8 more vulnerabilities have already been reported in 2022 as compared to last year.

Year Vulnerabilities Average Score
2022 8 6.48
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Robotic Process Automation vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent IBM Robotic Process Automation Security Vulnerabilities

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could

CVE-2022-30616 7.2 - High - August 01, 2022

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to elevate their privilege to platform administrator through manipulation of APIs. IBM X-Force ID: 227978.

Improper Privilege Management

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow IBM tenant credentials to be exposed

CVE-2022-22505 7.5 - High - August 01, 2022

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow IBM tenant credentials to be exposed. IBM X-Force ID: 227288.

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could

CVE-2022-22334 4.3 - Medium - August 01, 2022

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user to access information from a tenant of which they should not have access. IBM X-Force ID: 219391.

Exposure of Resource to Wrong Sphere

IBM Robotic Process Automation 21.0.0

CVE-2022-34338 6.5 - Medium - August 01, 2022

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could disclose sensitive information due to improper privilege management for storage provider types. IBM X-Force ID: 229962.

Improper Privilege Management

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to insufficiently protected credentials for users created

CVE-2022-33169 6.5 - Medium - August 01, 2022

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to insufficiently protected credentials for users created via a bulk upload. IBM X-Force ID: 228888.

Insufficiently Protected Credentials

IBM Robotic Process Automation 21.0.1 and 21.0.2 could

CVE-2022-33953 4.6 - Medium - June 24, 2022

IBM Robotic Process Automation 21.0.1 and 21.0.2 could allow a user with psychical access to the system to obtain sensitive information due to insufficiently protected access tokens. IBM X-Force ID: 229198.

Insufficiently Protected Credentials

IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to cross-site scripting

CVE-2022-22502 5.4 - Medium - June 24, 2022

IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 227124.

XSS

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to SQL injection

CVE-2022-22413 9.8 - Critical - May 12, 2022

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 223022.

SQL Injection

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for IBM Robotic Process Automation or by IBM? Click the Watch button to subscribe.

IBM
Vendor

subscribe