CVE-2023-22593
MEDIUMIBM Robotic Process Automation 21.0.1-21.0.7.3 & 23.0.0-23.0.3 Privilege Escalation via Redis Misconfiguration
Title source: llmDescription
IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to security misconfiguration of the Redis container which may provide elevated privileges. IBM X-Force ID: 244074.
References (2)
Core 2
Core References
Patch, Vendor Advisory vendor-advisory
https://www.ibm.com/support/pages/node/7006001
VDB Entry, Vendor Advisory vdb-entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/244074
Scores
CVSS v3
4.0
EPSS
0.0003
EPSS Percentile
8.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-863
Status
published
Products (1)
ibm/robotic_process_automation
21.0.1 - 21.0.7.3
Published
Jun 27, 2023
Tracked Since
Feb 18, 2026