CVE-2023-43058

3 documents3 sources
Severity
9.8CRITICAL
EPSS
0.0%
top 86.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Robotic Process AutomationIBM Robotic Process Automation FOR Cloud PAK
Timeline
PublishedOct 6

Description

IBM Robotic Process Automation 23.0.9 is vulnerable to privilege escalation that affects ownership of projects. IBM X-Force ID: 247527.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 1.6 | Impact: 3.6

Affected Packages2 packages

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
CVEList
IBM Robotic Process Automation privilege escalation2023-10-06
GHSA
GHSA-5qjv-68rj-pjqh: IBM Robotic Process Automation 232023-10-06
CVE-2023-43058 (CRITICAL CVSS 9.8) | IBM Robotic Process Automation 23.0 | cvebase.io