Robotic Process Automation

21.0.7.latest

OTHER 1 CVE

21.0.1, 21.0.2, 21.0.3

OTHER 1 CVE

21.0.1, 21.0.2

OTHER 1 CVE

21.0.1

SEMANTIC 21 CVEs

21.0.4

SEMANTIC 2 CVEs

20.12.0

SEMANTIC 1 CVE

20.12

MAJOR_MINOR 2 CVEs

21.0.7.17

OTHER 1 CVE

23.0.9

SEMANTIC 1 CVE

23.0.1

SEMANTIC 2 CVEs

21.0.2

SEMANTIC 19 CVEs

23.0.8

SEMANTIC 1 CVE

20.12.5

SEMANTIC 1 CVE

23.0.5

SEMANTIC 1 CVE

23.0.6

SEMANTIC 1 CVE

23.0.19

SEMANTIC 1 CVE

21.0.3

SEMANTIC 3 CVEs

21.0.7.6

OTHER 1 CVE

23.0.10

SEMANTIC 1 CVE

23.0.0

SEMANTIC 11 CVEs

21.0.7.1

OTHER 3 CVEs

21.0.7.10

OTHER 1 CVE

21.0.7.4

OTHER 1 CVE

21.0.0

SEMANTIC 28 CVEs

21.0.7.8

OTHER 1 CVE

21.0.7.18

OTHER 1 CVE

21.0.7.19

OTHER 1 CVE

21.0.7

SEMANTIC 1 CVE

23.0.18

SEMANTIC 2 CVEs

20.10.0

SEMANTIC 1 CVE

CVE-2022-46773

IBM Robotic Process Automation 21.0.0 - 21.0.7 and 23.0.0 is vulnerable to client-side validation bypass for credential pools. Invalid credential pools may be created as a result. IBM X-Force ID: 242951.

MEDIUM Mar 15, 2023

CVE-2022-41294

IBM Robotic Process Automation 21.0.0, 21.0.1, 21.0.2, 21.0.3, and 21.0.4 is vulnerable to cross origin resource sharing using the bot api. IBM X-Force ID: 236807.

MEDIUM Oct 06, 2022

CVE-2022-38709

IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 for Cloud Pak is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 234291.

MEDIUM Oct 06, 2022

CVE-2022-22503

IBM Robotic Process Automation 21.0.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 227125.

MEDIUM Oct 06, 2022

CVE-2022-35280

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 230634.

MEDIUM Aug 10, 2022

CVE-2022-33169

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to insufficiently protected credentials for users created via a bulk upload. IBM X-Force ID: 228888.

MEDIUM Jul 31, 2022

CVE-2022-22505

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow IBM tenant credentials to be exposed. IBM X-Force ID: 227288.

MEDIUM Jul 31, 2022

CVE-2022-22334

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user to access information from a tenant of which they should not have access. IBM X-Force ID: 219391.

MEDIUM Jul 31, 2022

CVE-2022-22413

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 223022.

MEDIUM May 12, 2022

CVE-2022-22434

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user with physical access to create an API request modified to create additional objects. IBM X-Force ID: 224159.

MEDIUM May 05, 2022