CVE-2022-43844

CVE-2022-43844: IBM Robotic Process Automation for Cloud Pak session fixation

Vendor Ibm
Product Robotic Process Automation for Cloud Pak
Weakness CWE-613 · Insufficient session expiration
Published January 5, 2023
Last update April 10, 2025

CVSS base score

What the vulnerability does

01Description

IBM Robotic Process Automation for Cloud Pak 20.12 through 21.0.3 is vulnerable to broken access control. A user is not correctly redirected to the platform log out screen when logging out of IBM RPA for Cloud Pak. IBM X-Force ID: 239081.

Key dates

02Disclosure timeline

January 5, 2023 CVE published
April 10, 2025 Record updated