CVE-2023-35901

Summary

IBM Robotic Process Automation 21.0.0 through 21.0.7.6 and 23.0.0 through 23.0.6 is vulnerable to client side validation bypass which could allow invalid changes or values in some fields. IBM X-Force ID: 259380.

Affected Software

VendorProductVersion RangeStatus
IBMRobotic Process Automation21.0.0 <= 21.0.7.6affected
IBMRobotic Process Automation23.0.0 <= 23.0.6affected

Weaknesses

  • CWE-287: CWE-287 Improper Authentication

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References