CVE-2022-33954
MEDIUM
4,6
Source: [email protected]
Attack Vector: physical
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: none
Availability: none
Description
AI Translation Available
IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 could allow a user with psychical access to the system to obtain sensitive information due to insufficiently protected credentials.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0004
Percentile
0,1th
Updated
EPSS Score Trend (Last 90 Days)
522
Insufficiently Protected Credentials
IncompleteCommon Consequences
Security Scopes Affected:
Access Control
Potential Impacts:
Gain Privileges Or Assume Identity
Applicable Platforms
Technologies:
ICS/OT, Not Technology-Specific, Web Based
Application
Robotic Process Automation by Ibm
CPE Identifier
View Detailed Analysis
cpe:2.3:a:ibm:robotic_process_automation:21.0.3:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Robotic Process Automation by Ibm
CPE Identifier
View Detailed Analysis
cpe:2.3:a:ibm:robotic_process_automation:21.0.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Robotic Process Automation by Ibm
CPE Identifier
View Detailed Analysis
cpe:2.3:a:ibm:robotic_process_automation:21.0.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.ibm.com/support/pages/node/6608458