CVE-2023-22593 MEDIUM

CVE-2023-22593: IBM Robotic Process Automation for Cloud Pak security configuration

Vendor Ibm
Product Robotic Process Automation for Cloud Pak
Published June 27, 2023
Last update November 6, 2024

CVSS base score

4.0/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to security misconfiguration of the Redis container which may provide elevated privileges. IBM X-Force ID: 244074.

Key dates

02Disclosure timeline

June 27, 2023 CVE published
November 6, 2024 Record updated