CVE-2022-39168

Published: Sep 29, 2022

Modified: May 20, 2025

PUBLISHED

CVSS v3.0

4.6

MEDIUM

IBM Robotic Process Automation Clients are vulnerable to proxy credentials being exposed in upgrade logs. IBM X-Force ID: 235422.

Vendor	Product	Versions
IBM	Robotic Process Automation	affected `21.0.3` affected `21.0.4`

CVSS v3.0 Vector

CVSS:3.0/PR:N/S:U/UI:N/I:N/C:H/AV:P/A:N/AC:L/RL:O/E:U/RC:C

Privileges Required

None

Scope

Unchanged

User Interaction

None

Integrity

None

Confidentiality

High

Attack Vector

Physical

Availability

None

Attack Complexity

Low

x_refsource_CONFIRM

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.