What is the vulnerability ID for this vulnerability?

The vulnerability ID for this vulnerability is CVE-2023-38718.

What is the severity of CVE-2023-38718?

The severity of CVE-2023-38718 is medium with a severity value of 5.3.

Which software versions are affected by CVE-2023-38718?

IBM Robotic Process Automation versions 21.0.0 through 21.0.7.8 and 23.0.0 through 23.0.8 are affected.

How can CVE-2023-38718 be exploited?

CVE-2023-38718 can be exploited by accessing RPA scripts, workflows, and related data.

Are there any references available for CVE-2023-38718?

Yes, you can find references for CVE-2023-38718 at the following links: [IBM X-Force ID: 261606](https://exchange.xforce.ibmcloud.com/vulnerabilities/261606) and [IBM support page](https://www.ibm.com/support/pages/node/7031619).

Vulnerability/
CVE-2023-38718

medium

5.3

CWE

200

11/9/2023

20/9/2023

24/9/2024

CVE-2023-38718: IBM Robotic Process Automation information disclosure

First published: Mon Sep 11 2023(Updated: )

IBM Robotic Process Automation 21.0.0 through 21.0.7.8 could disclose sensitive information from access to RPA scripts, workflows and related data. IBM X-Force ID: 261606.

Credit: psirt@us.ibm.com psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Robotic Process Automation	<=21.0.0 - 21.0.7.8, 23.0.0 - 23.0.8
IBM Robotic Process Automation for Cloud Pak	<=21.0.0 - 21.0.7.8, 23.0.0 - 23.0.8
IBM Robotic Process Automation	>=21.0.0<=21.0.7.8
IBM Robotic Process Automation	>=23.0.0<=23.0.8
Ibm Robotic Process Automation	>=21.0.0<=21.0.7.8
Ibm Robotic Process Automation	>=23.0.0<=23.0.8

Remedy

https://www.ibm.com/support/pages/node/7031619

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-7031619

Frequently Asked Questions

What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2023-38718.
What is the severity of CVE-2023-38718?
The severity of CVE-2023-38718 is medium with a severity value of 5.3.
Which software versions are affected by CVE-2023-38718?
IBM Robotic Process Automation versions 21.0.0 through 21.0.7.8 and 23.0.0 through 23.0.8 are affected.
How can CVE-2023-38718 be exploited?
CVE-2023-38718 can be exploited by accessing RPA scripts, workflows, and related data.
Are there any references available for CVE-2023-38718?
Yes, you can find references for CVE-2023-38718 at the following links: [IBM X-Force ID: 261606](https://exchange.xforce.ibmcloud.com/vulnerabilities/261606) and [IBM support page](https://www.ibm.com/support/pages/node/7031619).

agent/author
agent/references
agent/type
agent/first-publish-date
agent/severity
agent/title
agent/remedy
agent/weakness
agent/description
agent/event
collector/ibm-support
source/IBM
agent/software-canonical-lookup-request
collector/nvd-api
collector/nvd-index
agent/softwarecombine
agent/tags
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/trending
vendor/ibm
canonical/ibm robotic process automation
version/ibm robotic process automation/21.0.0 - 21.0.7.8, 23.0.0 - 23.0.8
canonical/ibm robotic process automation for cloud pak
version/ibm robotic process automation for cloud pak/21.0.0 - 21.0.7.8, 23.0.0 - 23.0.8
version/ibm robotic process automation/21.0.0
version/ibm robotic process automation/21.0.7.8
version/ibm robotic process automation/23.0.0
version/ibm robotic process automation/23.0.8

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.