CVE-2023-35900

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-35900
IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.4 and 23.0.0 through 23.0.5 is vulnerable to disclosing server version information which may be used to determine software vulnerabilities at the operating system level. IBM X-Force ID: 259368.

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/259368 VDB Entry Vendor Advisory
https://www.ibm.com/support/pages/node/7010895 Patch Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:ibm:robotic_process_automation:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:robotic_process_automation:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:robotic_process_automation_as_a_service:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:robotic_process_automation_as_a_service:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:robotic_process_automation_for_cloud_pak:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:robotic_process_automation_for_cloud_pak:*:*:*:*:*:*:*:*
OR cpe:2.3:a:redhat:openshift:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
History

28 Jul 2023, 15:51

Type Values Removed Values Added
First Time Redhat openshift
Ibm robotic Process Automation As A Service
Redhat
Ibm robotic Process Automation For Cloud Pak
Microsoft windows
Microsoft
Ibm robotic Process Automation
Ibm
CPE cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift:-:*:*:*:*:*:*:*
cpe:2.3:a:ibm:robotic_process_automation_for_cloud_pak:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:robotic_process_automation:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:robotic_process_automation_as_a_service:*:*:*:*:*:*:*:*
CWE NVD-CWE-noinfo
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.3
References (MISC) https://www.ibm.com/support/pages/node/7010895 - (MISC) https://www.ibm.com/support/pages/node/7010895 - Patch, Vendor Advisory
References (MISC) https://exchange.xforce.ibmcloud.com/vulnerabilities/259368 - (MISC) https://exchange.xforce.ibmcloud.com/vulnerabilities/259368 - VDB Entry, Vendor Advisory

19 Jul 2023, 01:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-07-19 01:15

Updated : 2024-02-28 20:33

NVD link : CVE-2023-35900

Mitre link : CVE-2023-35900

CVE.ORG link : CVE-2023-35900

JSON object : View

Products Affected

redhat

  • openshift

ibm

  • robotic_process_automation
  • robotic_process_automation_for_cloud_pak
  • robotic_process_automation_as_a_service

microsoft

  • windows
CWE
NVD-CWE-noinfo CWE-200

Exposure of Sensitive Information to an Unauthorized Actor


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024