CVE-2023-22592

Опубликовано: 18 янв. 2023

Источник: nvd

CVSS3: 4

CVSS3: 7.8

EPSS Низкий

Описание

IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.4 could allow a local user to perform unauthorized actions due to insufficient permission settings. IBM X-Force ID: 244073.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/244073
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6855839
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/244073
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6855839
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:ibm:robotic_process_automation_for_cloud_pak:*:*:*:*:*:*:*:*

Версия от 21.0.1 (включая) до 21.0.5 (исключая)

cpe:2.3:o:redhat:openshift:-:*:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00078

Низкий

4 Medium

CVSS3

7.8 High

CVSS3

Дефекты

CWE-732

Связанные уязвимости

GHSA-f868-pffj-c6gh

CVSS3: 7.8

github

около 3 лет назад

IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.4 could allow a local user to perform unauthorized actions due to insufficient permission settings. IBM X-Force ID: 244073.

EPSS

Процентиль: 23%

0.00078

Низкий

4 Medium

CVSS3

7.8 High

CVSS3

Дефекты

CWE-732