CVE-2022-34338

Description

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could disclose sensitive information due to improper privilege management for storage provider types. IBM X-Force ID: 229962.

CVSS breakdown

CVSS 3.0

Scope

Changed

Confidentiality

High

Availability

None

Attack Complexity

High

Integrity

None

User Interaction

None

Attack Vector

Network

Privileges Required

High

Unchanged

Changed

Affected products

ibm / robotic_process_automation21.0.0 – 21.0.0
ibm / robotic_process_automation21.0.1 – 21.0.1
ibm / robotic_process_automation21.0.2 – 21.0.2

References

MISChttps://www.ibm.com/support/pages/node/6608606
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/229962