CVE-2023-22591
published 2023-03-15CVE-2023-22591: IBM Robotic Process Automation 21.0.1 through 21.0.7 and 23.0.0 through 23.0.1 could allow a user with physical access to the system due to session tokens for…
low3.2CVSS 3.1
AVPACLPRNUIRSUCLILAN
IBM Robotic Process Automation 21.0.1 through 21.0.7 and 23.0.0 through 23.0.1 could allow a user with physical access to the system due to session tokens for not being invalidated after a password reset. IBM X-Force ID: 243710.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | robotic_process_automation | >= 21.0.1 < 21.0.7 | 21.0.7 |
| ibm | robotic_process_automation | >= 21.0.1 < 21.0.7.1 | 21.0.7.1 |
| ibm | robotic_process_automation | >= 23.0.0 < 23.0.1 | 23.0.1 |
| ibm | robotic_process_automation | >= 23.0.0 < 23.0.2 | 23.0.2 |
| ibm | robotic_process_automation_as_a_service | < 23.0.2 | 23.0.2 |