Vulnerabilities > IBM > Robotic Process Automation FOR Cloud PAK > High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-18	CVE-2023-22592	Incorrect Permission Assignment for Critical Resource vulnerability in IBM Robotic Process Automation for Cloud PAK IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.4 could allow a local user to perform unauthorized actions due to insufficient permission settings. local low complexity ibm CWE-732	7.8
2023-01-05	CVE-2022-43844	Insufficient Session Expiration vulnerability in IBM Robotic Process Automation for Cloud PAK IBM Robotic Process Automation for Cloud Pak 20.12 through 21.0.3 is vulnerable to broken access control. network low complexity ibm CWE-613	8.8
2022-11-03	CVE-2022-43574	Incorrect Default Permissions vulnerability in IBM products "IBM Robotic Process Automation 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to incorrect permission assignment which could allow access to application configurations. network low complexity ibm CWE-276	7.5
2022-09-29	CVE-2022-39168	Insufficiently Protected Credentials vulnerability in IBM products IBM Robotic Process Automation Clients are vulnerable to proxy credentials being exposed in upgrade logs. network low complexity ibm CWE-522	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.