Description
IBM Robotic Process Automation 21.0.0 through 21.0.7.latest is vulnerable to unauthorized access to data due to insufficient authorization validation on some API routes. IBM X-Force ID: 245425.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
Affected products
- ibm / robotic_process_automation21.0.0 – 21.0.7.latest
- ibm / robotic_process_automation_for_cloud_pak21.0.0 – 21.0.7.latest