CVE-2022-22319

CWE-732Incorrect Permission Assignment3 documents3 sources
Severity
5.4MEDIUM
EPSS
0.3%
top 45.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Robotic Process AutomationIBM Robotic Process Automation AS A Service
Timeline
PublishedMay 9
Latest updateMay 10

Description

IBM Robotic Process Automation 21.0.1 could allow a register user on the system to physically delete a queue that could cause disruption for any scripts dependent on the queue. IBM X-Force ID: 218366.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:LExploitability: 2.8 | Impact: 2.5

Affected Packages3 packages

NVDibm/robotic_process_automation21.0.1, 21.0.1.2+1

🔴Vulnerability Details

2
GHSA
GHSA-9pr6-c57v-9m6c: IBM Robotic Process Automation 212022-05-10
CVEList
CVE-2022-22319: IBM Robotic Process Automation 212022-05-09
CVE-2022-22319 (MEDIUM CVSS 5.4) | IBM Robotic Process Automation 21.0 | cvebase.io