Vulnerabilities > IBM > Robotic Process Automation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-01 | CVE-2022-22505 | Unspecified vulnerability in IBM Robotic Process Automation IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow IBM tenant credentials to be exposed. | 7.5 |
| 2022-08-01 | CVE-2022-30616 | Unspecified vulnerability in IBM Robotic Process Automation IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to elevate their privilege to platform administrator through manipulation of APIs. | 7.2 |
| 2022-08-01 | CVE-2022-33169 | Insufficiently Protected Credentials vulnerability in IBM Robotic Process Automation IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to insufficiently protected credentials for users created via a bulk upload. | 6.5 |
| 2022-08-01 | CVE-2022-34338 | Improper Privilege Management vulnerability in IBM Robotic Process Automation IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could disclose sensitive information due to improper privilege management for storage provider types. | 6.5 |
| 2022-07-26 | CVE-2022-22412 | Unspecified vulnerability in IBM Robotic Process Automation IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user with access to the local host (client machine) to obtain a login access token. low complexity ibm | 4.6 |
| 2022-06-24 | CVE-2022-22502 | Cross-site Scripting vulnerability in IBM products IBM Robotic Process Automation 21.0.1 and 21.0.2 is vulnerable to cross-site scripting. | 5.4 |
| 2022-06-24 | CVE-2022-33953 | Insufficiently Protected Credentials vulnerability in IBM products IBM Robotic Process Automation 21.0.1 and 21.0.2 could allow a user with psychical access to the system to obtain sensitive information due to insufficiently protected access tokens. | 4.6 |
| 2022-06-20 | CVE-2022-22414 | Unspecified vulnerability in IBM Robotic Process Automation IBM Robotic Process Automation 21.0.2 could allow a local user to obtain sensitive web service configuration credentials from system memory. | 5.5 |
| 2022-06-17 | CVE-2022-30607 | Information Exposure vulnerability in IBM Robotic Process Automation IBM Robotic Process Automation 20.10.0, 20.12.5, 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow a user to obtain sensitive information due to information properly masked in the control center UI. | 6.5 |
| 2022-05-12 | CVE-2022-22413 | SQL Injection vulnerability in IBM Robotic Process Automation 21.0.0/21.0.1/21.0.2 IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to SQL injection. | 9.8 |