Vulnerabilities > IBM > Robotic Process Automation AS A Service > 21.0.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-15 | CVE-2023-22591 | Insufficient Session Expiration vulnerability in IBM products IBM Robotic Process Automation 21.0.1 through 21.0.7 and 23.0.0 through 23.0.1 could allow a user with physical access to the system due to session tokens for not being invalidated after a password reset. | 3.2 |
| 2023-03-15 | CVE-2022-46773 | Improper Authentication vulnerability in IBM products IBM Robotic Process Automation 21.0.0 - 21.0.7 and 23.0.0 is vulnerable to client-side validation bypass for credential pools. | 6.5 |
| 2023-01-05 | CVE-2022-43573 | Information Exposure vulnerability in IBM products IBM Robotic Process Automation 20.12 through 21.0.6 is vulnerable to exposure of the name and email for the creator/modifier of platform level objects. | 5.3 |