CVE-2022-33169

Description

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to insufficiently protected credentials for users created via a bulk upload. IBM X-Force ID: 228888.

CVSS breakdown

CVSS 3.0

Scope

Unchanged

Availability

None

Confidentiality

None

Integrity

High

Attack Complexity

High

User Interaction

None

Attack Vector

Network

Privileges Required

Low

Unchanged

Changed

Affected products

ibm / robotic_process_automation21.0.0 – 21.0.0
ibm / robotic_process_automation21.0.1 – 21.0.1
ibm / robotic_process_automation21.0.2 – 21.0.2

References

MISChttps://www.ibm.com/support/pages/node/6608454
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/228888