Latest ibm robotic process automation for cloud pak Vulnerabilities

IBM-7065204
IBM Robotic Process Automation for Cloud Pak<=21.0.0 - 21.0.7.10, 23.0.0 - 23.0.10
IBM Robotic Process Automation<=21.0.0 - 21.0.7.10, 23.0.0 - 23.0.10
CVE-2023-45189
IBM Robotic Process Automation information disclosure
IBM Robotic Process Automation for Cloud Pak<=21.0.0 - 21.0.7.10, 23.0.0 - 23.0.10
IBM Robotic Process Automation<=21.0.0 - 21.0.7.10, 23.0.0 - 23.0.10
IBM Robotic Process Automation for Cloud Pak>=21.0.0<=21.0.7
IBM Robotic Process Automation for Cloud Pak>=23.0.0<=23.0.10
CVE-2023-43058
IBM Robotic Process Automation 23.0.9 is vulnerable to privilege escalation that affects ownership of projects. IBM X-Force ID: 247527.
IBM Robotic Process Automation for Cloud Pak<=23.0.9
IBM Robotic Process Automation<=23.0.9
IBM Robotic Process Automation=23.0.9
IBM Robotic Process Automation for Cloud Pak=23.0.9
Redhat Openshift
IBM-7047017
IBM Robotic Process Automation for Cloud Pak<=23.0.9
IBM Robotic Process Automation<=23.0.9
IBM-7031619
IBM Robotic Process Automation<=21.0.0 - 21.0.7.8, 23.0.0 - 23.0.8
IBM Robotic Process Automation for Cloud Pak<=21.0.0 - 21.0.7.8, 23.0.0 - 23.0.8
CVE-2023-38718
IBM Robotic Process Automation 21.0.0 through 21.0.7.8 could disclose sensitive information from access to RPA scripts, workflows and related data. IBM X-Force ID: 261606.
IBM Robotic Process Automation>=21.0.0<=21.0.7.8
IBM Robotic Process Automation>=23.0.0<=23.0.8
IBM Robotic Process Automation>=21.0.0<=21.0.7.8
IBM Robotic Process Automation>=23.0.0<=23.0.8
IBM Robotic Process Automation<=21.0.0 - 21.0.7.8, 23.0.0 - 23.0.8
IBM Robotic Process Automation for Cloud Pak<=21.0.0 - 21.0.7.8, 23.0.0 - 23.0.8
CVE-2023-40370
IBM Robotic Process Automation 21.0.0 through 21.0.7.1 runtime is vulnerable to information disclosure of script content if the remote REST request computer policy is enabled. IBM X-Force ID: 26347...
IBM Robotic Process Automation<=21.0.0 - 21.0.7.1
IBM Robotic Process Automation for Cloud Pak<=21.0.0 - 21.0.7.1
IBM Robotic Process Automation>=21.0.0<=21.0.7.1
IBM Robotic Process Automation for Cloud Pak>=21.0.0<=21.0.7.1
Redhat Openshift
Microsoft Windows
IBM-7028221
IBM Robotic Process Automation<=21.0.0 - 21.0.7
IBM Robotic Process Automation for Cloud Pak<=21.0.0 - 21.0.7
IBM-7028218
IBM Robotic Process Automation<=21.0.0 - 21.0.7.1
IBM Robotic Process Automation for Cloud Pak<=21.0.0 - 21.0.7.1
CVE-2023-38732
IBM Robotic Process Automation 21.0.0 through 21.0.7 server could allow an authenticated user to view sensitive information from application logs. IBM X-Force ID: 262289.
IBM Robotic Process Automation<=21.0.0 - 21.0.7
IBM Robotic Process Automation for Cloud Pak<=21.0.0 - 21.0.7
IBM Robotic Process Automation>=21.0.0<=21.0.7
IBM Robotic Process Automation for Cloud Pak>=21.0.0<=21.0.7
Redhat Openshift
Microsoft Windows
CVE-2023-23476
IBM Robotic Process Automation 21.0.0 through 21.0.7.latest is vulnerable to unauthorized access to data due to insufficient authorization validation on some API routes. IBM X-Force ID: 245425.
IBM Robotic Process Automation>=21.0.0<23.0.0
IBM Robotic Process Automation for Cloud Pak>=21.0.0<23.0.0
IBM Robotic Process Automation<=21.0.0-21.0.7.latest
IBM Robotic Process Automation for Cloud Pak<=21.0.0-21.0.7.latest
IBM-7017490
IBM Robotic Process Automation<=21.0.0-21.0.7.latest
IBM Robotic Process Automation for Cloud Pak<=21.0.0-21.0.7.latest
CVE-2023-35901
IBM Robotic Process Automation 21.0.0 through 21.0.7.6 and 23.0.0 through 23.0.6 is vulnerable to client side validation bypass which could allow invalid changes or values in some fields. IBM X-Force...
IBM Robotic Process Automation<=21.0.0 - 21.0.7.6, 23.0.0 - 23.0.6
IBM Robotic Process Automation for Cloud Pak<=21.0.0 - 21.0.7.6, 23.0.0 - 23.0.6
IBM Robotic Process Automation as a Service<=21.0.0 - 21.0.7.6, 23.0.0 - 23.0.6
IBM Robotic Process Automation>=21.0.0<=21.0.7.6
IBM Robotic Process Automation>=23.0.0<=23.0.6
IBM Robotic Process Automation as a Service>=21.0.0<=21.0.7.6
and 4 more
IBM-7012317
IBM Robotic Process Automation<=21.0.0 - 21.0.7.6, 23.0.0 - 23.0.6
IBM Robotic Process Automation for Cloud Pak<=21.0.0 - 21.0.7.6, 23.0.0 - 23.0.6
IBM Robotic Process Automation as a Service<=21.0.0 - 21.0.7.6, 23.0.0 - 23.0.6
CVE-2023-35900
IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.4 and 23.0.0 through 23.0.5 is vulnerable to disclosing server version information which may be used to determine software vulnerabil...
IBM Robotic Process Automation<=<= 21.0.7.4, 23.0.0 - 23.0.5
IBM Robotic Process Automation for Cloud Pak<=<= 21.0.7.4, 23.0.0 - 23.0.5
IBM Robotic Process Automation as a Service<=<= 21.0.7.4, 23.0.0 - 23.0.5
IBM Robotic Process Automation<=21.0.7.4
IBM Robotic Process Automation>=23.0.0<=23.0.5
IBM Robotic Process Automation as a Service<=21.0.7.4
and 5 more
IBM-7010895
IBM Robotic Process Automation<=<= 21.0.7.4, 23.0.0 - 23.0.5
IBM Robotic Process Automation for Cloud Pak<=<= 21.0.7.4, 23.0.0 - 23.0.5
IBM Robotic Process Automation as a Service<=<= 21.0.7.4, 23.0.0 - 23.0.5
IBM-7005999
IBM Robotic Process Automation for Cloud Pak<=21.0.1-21.0.7.3, 23.0.0 - 23.0.3
CVE-2023-23468
IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to insufficient security configuration which may allow creation of namespaces within a clus...
IBM Robotic Process Automation for Cloud Pak<=21.0.1-21.0.7.3, 23.0.0 - 23.0.3
IBM Robotic Process Automation>=21.0.1<=21.0.7.3
IBM Robotic Process Automation>=23.0.0<=23.0.3
Redhat Openshift
CVE-2023-22593
IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to security misconfiguration of the Redis container which may provide elevated privileges....
IBM Robotic Process Automation for Cloud Pak<=21.0.1-21.0.7.3, 23.0.0 - 23.0.3
IBM Robotic Process Automation>=21.0.1<=21.0.7.3
IBM Robotic Process Automation>=23.0.0<=23.0.3
Redhat Openshift
IBM-7006001
IBM Robotic Process Automation for Cloud Pak<=21.0.1-21.0.7.3, 23.0.0 - 23.0.3
IBM-6962155
IBM Robotic Process Automation<=21.0.0 - 21.0.7, 23.0.0
IBM Robotic Process Automation for Cloud Pak<=21.0.0 - 21.0.7, 23.0.0
IBM Robotic Process Automation as a Service<=< 23.0.1
CVE-2022-46773
IBM Robotic Process Automation 21.0.0 - 21.0.7 and 23.0.0 is vulnerable to client-side validation bypass for credential pools. Invalid credential pools may be created as a result. IBM X-Force ID: 2429...
IBM Robotic Process Automation>=21.0.0<21.0.7.1
IBM Robotic Process Automation=23.0.0
IBM Robotic Process Automation as a Service<23.0.1
IBM Robotic Process Automation for Cloud Pak>=21.0.0<21.0.7.1
IBM Robotic Process Automation for Cloud Pak=23.0.0
IBM Robotic Process Automation<=21.0.0 - 21.0.7, 23.0.0
and 2 more
IBM-6962207
IBM Robotic Process Automation for Cloud Pak<=21.0.1 - 21.0.5
IBM Robotic Process Automation<=< 21.0.6
IBM Robotic Process Automation as a Service<=< 21.0.6
CVE-2023-25680
IBM Robotic Process Automation 21.0.1 through 21.0.5 is vulnerable to insufficiently protecting credentials. Queue Provider credentials are not obfuscated while editing queue provider details. IBM X-F...
IBM Robotic Process Automation<21.0.6
IBM Robotic Process Automation as a Service<21.0.6
IBM Robotic Process Automation for Cloud Pak>=21.0.1<21.0.6
IBM Robotic Process Automation for Cloud Pak<=21.0.1 - 21.0.5
IBM Robotic Process Automation<=< 21.0.6
IBM Robotic Process Automation as a Service<=< 21.0.6
IBM-6855837
IBM Robotic Process Automation<=< 21.0.3
IBM Robotic Process Automation for Cloud Pak<=< 21.0.3
IBM Robotic Process Automation as a Service<=< 21.0.3
IBM-6855835
IBM Robotic Process Automation<=21.0.0 - 21.0.7.1, 23.0.0 - 23.0.1
IBM Robotic Process Automation for Cloud Pak<=21.0.0 - 21.0.7.1, 23.0.0 - 23.0.1
IBM Robotic Process Automation as a Service<=< 23.0.2
CVE-2023-22863
IBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when the prefix is not explicitly specified in the URL. This could allow an attacker to obtain sensitive inf...
IBM Robotic Process Automation<=< 21.0.3
IBM Robotic Process Automation for Cloud Pak<=< 21.0.3
IBM Robotic Process Automation as a Service<=< 21.0.3
IBM Robotic Process Automation<21.0.3
IBM Robotic Process Automation as a Service<21.0.3
IBM Robotic Process Automation for Cloud Pak<21.0.3
and 2 more
IBM-6855839
IBM Robotic Process Automation for Cloud Pak<=< 21.0.5
CVE-2023-22594
IBM Robotic Process Automation for Cloud Pak 20.12.0 through 21.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alterin...
IBM Robotic Process Automation<=21.0.0 - 21.0.7.1, 23.0.0 - 23.0.1
IBM Robotic Process Automation for Cloud Pak<=21.0.0 - 21.0.7.1, 23.0.0 - 23.0.1
IBM Robotic Process Automation as a Service<=< 23.0.2
IBM Robotic Process Automation<21.0.5
IBM Robotic Process Automation as a Service<21.0.5
IBM Robotic Process Automation for Cloud Pak<21.0.5
and 2 more
CVE-2023-22592
IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.4 could allow a local user to perform unauthorized actions due to insufficient permission settings. IBM X-Force ID: 244073.
IBM Robotic Process Automation for Cloud Pak<=< 21.0.5
IBM Robotic Process Automation for Cloud Pak>=21.0.1<21.0.5
Redhat Openshift
IBM-6852655
IBM Robotic Process Automation for Cloud Pak<=< 21.0.7
IBM Robotic Process Automation<=< 21.0.7
IBM Robotic Process Automation as a Service<=< 21.0.7
CVE-2022-43573
IBM Robotic Process Automation 20.12 through 21.0.6 is vulnerable to exposure of the name and email for the creator/modifier of platform level objects. IBM X-Force ID: 238678.
IBM Robotic Process Automation for Cloud Pak<=< 21.0.7
IBM Robotic Process Automation<=< 21.0.7
IBM Robotic Process Automation as a Service<=< 21.0.7
IBM Robotic Process Automation<21.0.7
IBM Robotic Process Automation as a Service<21.0.7
IBM Robotic Process Automation for Cloud Pak<21.0.7
and 2 more
CVE-2022-41740
IBM Robotic Process Automation 20.12 through 21.0.6 could allow an attacker with physical access to the system to obtain highly sensitive information from system memory. IBM X-Force ID: 238053.
IBM Robotic Process Automation for Cloud Pak<=< 21.0.7
IBM Robotic Process Automation<=< 21.0.7
IBM Robotic Process Automation<21.0.7
IBM Robotic Process Automation for Cloud Pak<21.0.7
Redhat Openshift
Microsoft Windows
IBM-6852657
IBM Robotic Process Automation for Cloud Pak<=< 21.0.7
IBM Robotic Process Automation<=< 21.0.7
CVE-2022-43844
IBM Robotic Process Automation for Cloud Pak 20.12 through 21.0.3 is vulnerable to broken access control. A user is not correctly redirected to the platform log out screen when logging out of IBM RPA ...
IBM Robotic Process Automation for Cloud Pak<=< 21.0.3.1
IBM Robotic Process Automation for Cloud Pak>=20.12<21.0.3.1
Redhat Openshift
IBM-6852663
IBM Robotic Process Automation for Cloud Pak<=< 21.0.3.1
CVE-2022-42442
IBM Robotic Process Automation for Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to exposure of the first tenant owner e-mail address to users with access to the container platfo...
IBM Robotic Process Automation for Cloud Pak<21.0.6
Redhat Openshift Container Platform
IBM Robotic Process Automation for Cloud Pak<=< 21.0.6
IBM-6831787
IBM Robotic Process Automation for Cloud Pak<=< 21.0.6
IBM-6831645
IBM Robotic Process Automation<=< 21.0.6
IBM Robotic Process Automation for Cloud Pak<=< 21.0.6
IBM-6826013
IBM Robotic Process Automation<=< 21.0.3
IBM Robotic Process Automation for Cloud Pak<=< 21.0.3
IBM Robotic Process Automation as a Service<=< 21.0.3
IBM-6826011
IBM Robotic Process Automation for Cloud Pak<=< 21.0.4
CVE-2022-38709
IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 for Cloud Pak is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alt...
IBM Robotic Process Automation for Cloud Pak>=21.0.1<21.0.4
Microsoft Windows
IBM Robotic Process Automation for Cloud Pak<=< 21.0.4
CVE-2022-36774
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to man in the middle attacks through manipulation of the client proxy configuration. IBM X-Force ID: 233575.
IBM Robotic Process Automation>=21.0.0<21.0.3
IBM Robotic Process Automation as a Service>=21.0.0<21.0.3
IBM Robotic Process Automation for Cloud Pak>=21.0.0<21.0.3
Microsoft Windows
IBM Robotic Process Automation<=< 21.0.3
IBM Robotic Process Automation for Cloud Pak<=< 21.0.3
and 1 more
CVE-2022-41294
IBM Robotic Process Automation for Cloud Pak<=< 21.0.5
IBM Robotic Process Automation as a Service<=< 21.0.5
IBM Robotic Process Automation<=< 21.0.5
IBM Robotic Process Automation>=21.0.0<=21.0.4
Microsoft Windows
CVE-2022-39168
IBM Robotic Process Automation Clients are vulnerable to proxy credentials being exposed in upgrade logs.
IBM Robotic Process Automation for Cloud Pak<=21.0.3, 21.0.4
IBM Robotic Process Automation as a Service<=21.0.3, 21.0.4
IBM Robotic Process Automation<=21.0.3, 21.0.4
IBM Robotic Process Automation=21.0.3
IBM Robotic Process Automation=21.0.4
IBM Robotic Process Automation for Cloud Pak=21.0.3
and 3 more
IBM-6825985
IBM Robotic Process Automation for Cloud Pak<=< 21.0.5
IBM Robotic Process Automation as a Service<=< 21.0.5
IBM Robotic Process Automation<=< 21.0.5
IBM-6824885
IBM Robotic Process Automation for Cloud Pak<=21.0.3, 21.0.4
IBM Robotic Process Automation as a Service<=21.0.3, 21.0.4
IBM Robotic Process Automation<=21.0.3, 21.0.4
CVE-2022-38710
IBM Robotic Process Automation information disclosure
IBM Robotic Process Automation<21.0.3
IBM Robotic Process Automation as a Service<21.0.3
IBM Robotic Process Automation for Cloud Pak<21.0.3
Microsoft Windows
<21.0.3
<21.0.3
and 5 more
IBM-6831681
<=< 21.0.3
<=< 21.0.3
<=< 21.0.3
CVE-2022-35280
IBM Robotic Process Automation does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
IBM Robotic Process Automation for Cloud Pak<=< 21.0.3
IBM Robotic Process Automation for Cloud Pak=21.0.0
IBM Robotic Process Automation for Cloud Pak=21.0.1
IBM Robotic Process Automation for Cloud Pak=21.0.2
Microsoft Windows

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203