threat
engine
.sh
Back
·
··:··
Home
/
Product
/
ibm robotic process automation as a service
Product
ibm robotic process automation as a service
17 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2023-35900
<= 21.0.7.4
IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.4 and 23.0.0 through 23.0.5 is vulnerable to disclosing server
4.3
MEDIUM
CVE-2023-35901
>= 21.0.0 and <= 21.0.7.6
IBM Robotic Process Automation 21.0.0 through 21.0.7.6 and 23.0.0 through 23.0.6 is vulnerable to client side validation bypass wh
2.7
LOW
CVE-2023-22591
< 23.0.2
IBM Robotic Process Automation 21.0.1 through 21.0.7 and 23.0.0 through 23.0.1 could allow a user with physical access to the syst
3.9
LOW
CVE-2023-25680
< 21.0.6
IBM Robotic Process Automation 21.0.1 through 21.0.5 is vulnerable to insufficiently protecting credentials. Queue Provider cred
4.2
MEDIUM
CVE-2022-46773
< 23.0.1
IBM Robotic Process Automation 21.0.0 - 21.0.7 and 23.0.0 is vulnerable to client-side validation bypass for credential pools. Inv
4.3
MEDIUM
CVE-2023-22863
< 21.0.3
IBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when the prefix is not explicitly spec
5.9
MEDIUM
CVE-2023-22594
< 21.0.5
IBM Robotic Process Automation for Cloud Pak 20.12.0 through 21.0.4 is vulnerable to cross-site scripting. This vulnerability allo
4.6
MEDIUM
CVE-2022-43573
< 21.0.7
IBM Robotic Process Automation 20.12 through 21.0.6 is vulnerable to exposure of the name and email for the creator/modifier of pl
3.1
LOW
CVE-2022-38710
< 21.0.3
IBM Robotic Process Automation 21.0.1 and 21.0.2 could disclose sensitive version to an unauthorized control sphere information th
5.3
MEDIUM
CVE-2022-36774
>= 21.0.0 and < 21.0.3
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to man in the middle attacks through manipulation of the c
5.3
MEDIUM
CVE-2022-22503
< 21.0.1
IBM Robotic Process Automation 21.0.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a v
6.1
MEDIUM
CVE-2022-22490
all versions
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to obtain sensitive Azure bot credential i
4.9
MEDIUM
CVE-2022-33953
< 21.0.2.5
IBM Robotic Process Automation 21.0.1 and 21.0.2 could allow a user with psychical access to the system to obtain sensitive inform
4.6
MEDIUM
CVE-2022-22502
< 21.0.2.2
IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed a
5.4
MEDIUM
CVE-2022-22319
all versions
IBM Robotic Process Automation 21.0.1 could allow a register user on the system to physically delete a queue that could cause disr
5.4
MEDIUM
CVE-2022-22434
all versions
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user with physical access to create an API request modifie
4.6
MEDIUM
CVE-2022-22433
all versions
IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to External Service Interaction attack, caused by improper validati
7.5
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin