Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-35900

IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.4 and 23.0.0 through 23.0.5 is vulnerable to disclosing server version information which may be used to determine software vulnerabilities at the operating system level. IBM X-Force ID: 259368.

Published

2023-07-19T01:15:10.747

Last Modified

2024-11-21T08:08:57.160

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-200
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	robotic_process_automation	≤ 21.0.7.4	Yes
Application	ibm	robotic_process_automation	≤ 23.0.5	Yes
Application	ibm	robotic_process_automation_as_a_service	≤ 21.0.7.4	Yes
Application	ibm	robotic_process_automation_as_a_service	≤ 23.0.5	Yes
Application	ibm	robotic_process_automation_for_cloud_pak	≤ 21.0.7.4	Yes
Application	ibm	robotic_process_automation_for_cloud_pak	≤ 23.0.5	Yes
Application	redhat	openshift	-	No
Operating System	microsoft	windows	-	No

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/259368 VDB Entry, Vendor Advisory ([email protected])
https://www.ibm.com/support/pages/node/7010895 Patch, Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/259368 VDB Entry, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.ibm.com/support/pages/node/7010895 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)