CVE-2023-40370
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2023-40370 is a newly identified vulnerability affecting IBM Robotic Process Automation (RPA) versions 21.0.0 through 21.0.7.1. This issue permits information disclosure of script content when the remote REST request computer policy is enabled. IBM X-Force has assigned the ID 263470 to this vulnerability. Hackers could exploit this flaw to gain unauthorized access to sensitive data or modify automated workflows, posing a significant risk to organizations using IBM RPA. It is recommended that users immediately update their IBM RPA installations to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- IBM Robotic Process Automation
- Ibm Robotic Process Automation For Cloud Pak
Affected Vendors
- IBM Corporation