How severe is CVE-2022-36774?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Ibm Robotic Process Automation

CVE-2022-36774

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to man in the middle attacks through manipulation of the client proxy configuration. IBM X-Force ID: 233575.

EPSS: 0.001 (25.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.0/C:N/I:H/S:U/UI:N/A:N/PR:N/AV:A/AC:L/E:U/RL:O/RC:C.

Affected products

Ibm Robotic Process Automation — versions 21.0.0, 21.0.1, 21.0.2

References

www.ibm.com/support/pages/node/6826013
ibm-rpa-cve202236774-file-manipulation (233575) (vdb-entry)

Frequently asked questions

What is CVE-2022-36774?: CVE-2022-36774 is a medium-severity vulnerability in Ibm Robotic Process Automation. CVSS score: 6.5/10. Published 2022-10-06.
How severe is CVE-2022-36774?: Medium severity. CVSS v3 base score is 6.5 out of 10.