February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2022-47990 – IBM AIX Vulnerability
January 19, 2023Rewterz Threat Alert – IcedID Banking Trojan aka BokBot – Active IOCs
January 19, 2023Rewterz Threat Advisory – CVE-2022-47990 – IBM AIX Vulnerability
January 19, 2023Rewterz Threat Alert – IcedID Banking Trojan aka BokBot – Active IOCs
January 19, 2023
Severity
Medium
Analysis Summary
CVE-2023-22592 CVSS:4
IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.4 could allow a local user to perform unauthorized actions due to insufficient permission settings.
CVE-2023-22594 CVSS:4.6
IBM Robotic Process Automation for Cloud Pak 20.12.0 through 21.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2023-22863 CVSS:5.9
IBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when the prefix is not explicitly specified in the URL. This could allow an attacker to obtain sensitive information using man in the middle techniques.
Impact
- Gain Access
- Cross-Site Scripting
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-22592
- CVE-2023-22594
- CVE-2023-22863
Affected Vendors
IBM
Affected Products
- IBM Robotic Process Automation 21.0.1
- IBM Robotic Process Automation 21.0.4
- IBM Robotic Process Automation 20.12
- IBM Robotic Process Automation 21.0.2
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.