What is the vulnerability ID for this IBM Robotic Process Automation vulnerability?

The vulnerability ID for this IBM Robotic Process Automation vulnerability is CVE-2022-38710.

What is the severity of CVE-2022-38710?

The severity of CVE-2022-38710 is medium with a CVSS score of 5.3.

Which versions of IBM Robotic Process Automation are affected by CVE-2022-38710?

Versions up to and excluding 21.0.3 of IBM Robotic Process Automation, IBM Robotic Process Automation as a Service, and IBM Robotic Process Automation for Cloud Pak are affected by CVE-2022-38710.

How can I fix CVE-2022-38710?

To fix CVE-2022-38710, apply the patch provided by IBM for Robotic Process Automation version 21.0.3 or upgrade to a version higher than 21.0.3.

Where can I find more information about CVE-2022-38710?

You can find more information about CVE-2022-38710 on the IBM Support Pages (https://www.ibm.com/support/pages/node/6831681) and IBM X-Force Exchange (https://exchange.xforce.ibmcloud.com/vulnerabilities/234292).

Vulnerability/
CVE-2022-38710

medium

5.3

CWE

312 497

26/9/2022

3/11/2022

25/9/2024

CVE-2022-38710: IBM Robotic Process Automation information disclosure

First published: Mon Sep 26 2022(Updated: )

"IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version information that could aid in further attacks against the system. IBM X-Force ID: 234292."

Credit: psirt@us.ibm.com psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Robotic Process Automation	<21.0.3
IBM Robotic Process Automation as a Service	<21.0.3
IBM Robotic Process Automation for Cloud Pak	<21.0.3
Microsoft Windows
IBM Robotic Process Automation	<=< 21.0.3
IBM Robotic Process Automation as a Service	<=< 21.0.3
IBM Robotic Process Automation for Cloud Pak	<=< 21.0.3
All of
Any of
IBM Robotic Process Automation	<21.0.3
IBM Robotic Process Automation as a Service	<21.0.3
IBM Robotic Process Automation for Cloud Pak	<21.0.3
Microsoft Windows

Remedy

https://www.ibm.com/support/pages/node/6831681

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-6831681

Frequently Asked Questions

What is the vulnerability ID for this IBM Robotic Process Automation vulnerability?
The vulnerability ID for this IBM Robotic Process Automation vulnerability is CVE-2022-38710.
What is the severity of CVE-2022-38710?
The severity of CVE-2022-38710 is medium with a CVSS score of 5.3.
Which versions of IBM Robotic Process Automation are affected by CVE-2022-38710?
Versions up to and excluding 21.0.3 of IBM Robotic Process Automation, IBM Robotic Process Automation as a Service, and IBM Robotic Process Automation for Cloud Pak are affected by CVE-2022-38710.
How can I fix CVE-2022-38710?
To fix CVE-2022-38710, apply the patch provided by IBM for Robotic Process Automation version 21.0.3 or upgrade to a version higher than 21.0.3.
Where can I find more information about CVE-2022-38710?
You can find more information about CVE-2022-38710 on the IBM Support Pages (https://www.ibm.com/support/pages/node/6831681) and IBM X-Force Exchange (https://exchange.xforce.ibmcloud.com/vulnerabilities/234292).

agent/type
agent/first-publish-date
agent/references
agent/severity
agent/remedy
agent/title
agent/author
agent/softwarecombine
agent/event
collector/ibm-support
source/IBM
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-index
agent/tags
collector/nvd-api
source/NVD
agent/weakness
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/trending
vendor/ibm
canonical/ibm robotic process automation
version/ibm robotic process automation/< 21.0.3
canonical/ibm robotic process automation as a service
version/ibm robotic process automation as a service/< 21.0.3
canonical/ibm robotic process automation for cloud pak
version/ibm robotic process automation for cloud pak/< 21.0.3
vendor/microsoft
canonical/microsoft windows