IBM Robotic Process Automation 21.0.0 - 21.0.7 and 23.0.0 is vulnerable to client-side validation bypass for credential pools. Invalid credential pools may be created as a result. IBM X-Force ID: 242951.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Robotic_process_automation | Ibm | 21.0.0 (including) | 21.0.7.1 (excluding) |
Robotic_process_automation | Ibm | 23.0.0 (including) | 23.0.0 (including) |
Robotic_process_automation_as_a_service | Ibm | * | 23.0.1 (excluding) |
Robotic_process_automation_for_cloud_pak | Ibm | 21.0.0 (including) | 21.0.7.1 (excluding) |
Robotic_process_automation_for_cloud_pak | Ibm | 23.0.0 (including) | 23.0.0 (including) |