Description
IBM Robotic Process Automation 21.0.0, 21.0.1, 21.0.2, 21.0.3, and 21.0.4 is vulnerable to cross origin resource sharing using the bot api. IBM X-Force ID: 236807.
CVSS breakdown
CVSS 3.0
Confidentiality
Low
Integrity
Low
Scope
Unchanged
User Interaction
None
Privileges Required
None
Availability
None
Attack Vector
Network
Attack Complexity
Low
E
Unchanged
RL
O
RC
Changed
Affected products
- ibm / robotic_process_automation21.0.0 – 21.0.0
- ibm / robotic_process_automation21.0.1 – 21.0.1
- ibm / robotic_process_automation21.0.2 – 21.0.2
- ibm / robotic_process_automation21.0.3 – 21.0.3
- ibm / robotic_process_automation21.0.4 – 21.0.4