IBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when the prefix is not explicitly specified in the URL. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 244109.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Thu, 03 Apr 2025 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: ibm
Published:
Updated: 2025-04-03T19:50:13.063Z
Reserved: 2023-01-09T15:16:41.369Z
Link: CVE-2023-22863

Updated: 2024-08-02T10:20:31.133Z

Status : Modified
Published: 2023-01-18T19:15:12.803
Modified: 2024-11-21T07:45:32.963
Link: CVE-2023-22863

No data.

No data.