How severe is CVE-2022-41294?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Ibm Robotic Process Automation

CVE-2022-41294

IBM Robotic Process Automation 21.0.0, 21.0.1, 21.0.2, 21.0.3, and 21.0.4 is vulnerable to cross origin resource sharing using the bot api. IBM X-Force ID: 236807.

EPSS: 0.001 (23.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.0/C:L/I:L/S:U/UI:N/PR:N/A:N/AV:N/AC:L/E:U/RL:O/RC:C.

Affected products

Ibm Robotic Process Automation — versions 21.0.0, 21.0.1, 21.0.2

References

www.ibm.com/support/pages/node/6825985
ibm-rpa-cve202241294-cors (236807) (vdb-entry)

Frequently asked questions

What is CVE-2022-41294?: CVE-2022-41294 is a medium-severity vulnerability in Ibm Robotic Process Automation. CVSS score: 6.5/10. Published 2022-10-06.
How severe is CVE-2022-41294?: Medium severity. CVSS v3 base score is 6.5 out of 10.