What is CVE-2023-45189?

CVE-2023-45189 is a medium-severity vulnerability in Ibm Robotic Process Automation, classified under Information Disclosure. CVSS score: 6.5/10. Published 2023-11-03.

How severe is CVE-2023-45189?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Information disclosure in Ibm Robotic Process Automation

CVE-2023-45189

A vulnerability in IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.10, 23.0.0 through 23.0.10 may result in access to client vault credentials. This difficult to exploit vulnerability…

Vulnerability class: Information Disclosure

EPSS: 0.001 (21.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Ibm Robotic Process Automation — versions 21.0.0, 23.0.0
Ibm Robotic Process Automation For Cloud Pak — versions 21.0.0, 23.0.0

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

www.ibm.com/support/pages/node/7065204 (vendor-advisory)
exchange.xforce.ibmcloud.com/vulnerabilities/268752 (vdb-entry)

Frequently asked questions

What is CVE-2023-45189?: CVE-2023-45189 is a medium-severity vulnerability in Ibm Robotic Process Automation, classified under Information Disclosure. CVSS score: 6.5/10. Published 2023-11-03.
How severe is CVE-2023-45189?: Medium severity. CVSS v3 base score is 6.5 out of 10.