Multiple vulnerabilities in IBM Robotic Process Automation for Cloud Pak



Published: 2023-03-31
Risk High
Patch available YES
Number of vulnerabilities 29
CVE-ID CVE-2022-2057
CVE-2022-3821
CVE-2022-43680
CVE-2022-35737
CVE-2023-25577
CVE-2023-23934
CVE-2022-47629
CVE-2022-2953
CVE-2022-2869
CVE-2022-2868
CVE-2022-2867
CVE-2022-2521
CVE-2022-2520
CVE-2022-2519
CVE-2022-2058
CVE-2022-2056
CVE-2022-41723
CVE-2022-41717
CVE-2022-32149
CVE-2022-29526
CVE-2022-27664
CVE-2021-43565
CVE-2021-38561
CVE-2022-40304
CVE-2022-40303
CVE-2021-46848
CVE-2022-42012
CVE-2022-42011
CVE-2022-42010
CWE-ID CWE-369
CWE-193
CWE-416
CWE-129
CWE-400
CWE-20
CWE-190
CWE-125
CWE-191
CWE-763
CWE-617
CWE-415
CWE-770
CWE-264
CWE-399
Exploitation vector Network
Public exploit Public exploit code for vulnerability #4 is available.
Public exploit code for vulnerability #18 is available.
Vulnerable software
Subscribe
Robotic Process Automation for Cloud Pak
Other software / Other software solutions

Vendor IBM Corporation

Security Bulletin

This security bulletin contains information about 29 vulnerabilities.

1) Division by zero

EUVDB-ID: #VU65441

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-2057

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error when parsing TIFF files in tiffcrop. A remote attacker can trick the victim to open a specially crafted file and crash the affected application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Off-by-one

EUVDB-ID: #VU69807

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-3821

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an off-by-one error within the format_timespan() function in time-util.c. A local user can trigger an off-by-one error and perform a denial of service (DoS) attack.


Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Use-after-free

EUVDB-ID: #VU68718

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-43680

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate. A remote attacker can trigger a use-after-free error and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Improper Validation of Array Index

EUVDB-ID: #VU67414

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-35737

CWE-ID: CWE-129 - Improper Validation of Array Index

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error when handling an overly large input passed as argument to a C API. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Resource exhaustion

EUVDB-ID: #VU72339

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2023-25577

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources when parsing multipart form data with many fields. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Input validation error

EUVDB-ID: #VU72340

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2023-23934

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient validation of "nameless" cookies. A remote attacker can manipulate cookie values for an arbitrary domain.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) Integer overflow

EUVDB-ID: #VU70474

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-47629

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in the CRL signature parser. A remote attacker can pass specially crafted data to the application, trigger an integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) Out-of-bounds read

EUVDB-ID: #VU68820

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-2953

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in the extractImageSection() function in tools/tiffcrop.c. A remote attacker can pass a specially crafted TIFF file to the application, trigger an out-of-bounds read error and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

9) Integer underflow

EUVDB-ID: #VU67138

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-2869

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer underflow within the extractContigSamples8bits routine in the tiffcrop utility. A remote attacker can pass  a specially crafted file to the affected application, trigger an integer underflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

10) Out-of-bounds read

EUVDB-ID: #VU67140

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-2868

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the tiffcrop utility. A remote attacker can pass a specially crafted file to the application, trigger an out-of-bounds read error and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

11) Integer underflow

EUVDB-ID: #VU67137

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-2867

CWE-ID: CWE-191 - Integer underflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer underflow within the tiffcrop utility. A remote attacker can pass a specially crafted file to the affected application, trigger an integer underflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

12) Release of invalid pointer or reference

EUVDB-ID: #VU69401

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-2521

CWE-ID: CWE-763 - Release of invalid pointer or reference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an invalid pointer free operation within the TIFFClose() function in tif_close.c. A remote attacker can pass a specially crafted file to the application and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

13) Reachable Assertion

EUVDB-ID: #VU69400

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-2520

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion within the rotateImage() function in tiffcrop.c. A remote attacker can pass a specially crafted file to the application, trigger assertion failure and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

14) Double Free

EUVDB-ID: #VU69402

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-2519

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the rotateImage() function in tiffcrop.c. A remote attacker can pass a specially crafted file to the application, trigger a double free and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

15) Division by zero

EUVDB-ID: #VU65439

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-2058

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error when parsing TIFF files in tiffcrop. A remote attacker can trick the victim to open a specially crafted file and crash the affected application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

16) Division by zero

EUVDB-ID: #VU65440

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-2056

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error when parsing TIFF files in tiffcrop. A remote attacker can trick the victim to open a specially crafted file and crash the affected application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

17) Resource exhaustion

EUVDB-ID: #VU72686

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-41723

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to application does not properly control consumption of internal resources in the HPACK decoder. A remote attacker can send a specially crafted HTTP/2 stream to the application, cause resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

18) Allocation of Resources Without Limits or Throttling

EUVDB-ID: #VU70334

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-41717

CWE-ID: CWE-770 - Allocation of Resources Without Limits or Throttling

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to excessive memory growth when handling HTTP/2 server requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

19) Resource exhaustion

EUVDB-ID: #VU68897

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-32149

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to ParseAcceptLanguage does not properly control consumption of internal resources. A remote attacker can send a specially crafted Accept-Language header that will take a significant time to parse and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

20) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU63173

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-29526

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to the Faccessat function can incorrectly report that a file is accessible, when called with a non-zero flags parameter. An attacker can bypass implemented security restrictions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

21) Input validation error

EUVDB-ID: #VU67396

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-27664

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

22) Input validation error

EUVDB-ID: #VU64805

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-43565

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when parsing a Signer to ServerConfig.AddHostKey in cases where the Signer passed to AddHostKey does not implement AlgorithmSigner or the Signer passed to AddHostKey returns a key of type “ssh-rsa” from its PublicKey method. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

23) Out-of-bounds read

EUVDB-ID: #VU65006

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-38561

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition. A remote attacker can pass specially crafted input to the application, trigger an out-of-bounds read error and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

24) Resource management error

EUVDB-ID: #VU68829

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-40304

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists in entities.c due to the way libxml2 handles reference cycles. The library does not anticipate that entity content can be allocated from a dict and clears it upon reference cycle detection by setting its first byte to zero. This can lead to memory corruption  issues, such as double free errors and result in a denial of service.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

25) Integer overflow

EUVDB-ID: #VU68828

Risk: High

CVSSv3.1:

CVE-ID: CVE-2022-40303

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in parse.c when processing content when XML_PARSE_HUGE is set. A remote attacker can pass specially crafted data to the application, trigger an integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

26) Off-by-one

EUVDB-ID: #VU68858

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2021-46848

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an ETYPE_OK off-by-one error in asn1_encode_simple_der in Libtasn1. A remote attacker can pass specially crafted data to the application, trigger an off-by-one error and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

27) Use-after-free

EUVDB-ID: #VU67971

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-42012

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error caused by a message in non-native endianness with out-of-band Unix file descriptors. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

28) Out-of-bounds read

EUVDB-ID: #VU67970

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-42011

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information or perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error caused by an invalid array of fixed-length elements where the length of the array is not a multiple of the length of the element. A local user can trigger an out-of-bounds read and gain access to sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

29) Reachable Assertion

EUVDB-ID: #VU67969

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-42010

CWE-ID: CWE-617 - Reachable Assertion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion in debug builds caused by a syntactically invalid type signature with incorrectly nested parentheses and curly brackets. A local user can perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Robotic Process Automation for Cloud Pak: before 21.0.7.3


CPE2.3 External links

http://www.ibm.com/support/pages/node/6967291


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###