Vulnerabilities > IBM > Robotic Process Automation > 21.0.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-15 | CVE-2023-22591 | Insufficient Session Expiration vulnerability in IBM products IBM Robotic Process Automation 21.0.1 through 21.0.7 and 23.0.0 through 23.0.1 could allow a user with physical access to the system due to session tokens for not being invalidated after a password reset. | 3.2 |
| 2023-03-15 | CVE-2022-46773 | Improper Authentication vulnerability in IBM products IBM Robotic Process Automation 21.0.0 - 21.0.7 and 23.0.0 is vulnerable to client-side validation bypass for credential pools. | 6.5 |