CVE Catalog

CVE-2023-40370

LowCVSS 3.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.41%

33th percentile — higher than 33% of all known CVEs

Summary

IBM Robotic Process Automation versions 21.0.0 through 21.0.7.1 is vulnerable to information disclosure of script content if the remote REST request policy is enabled.

Risk Assessment

Disclosure of script content may lead to leakage of sensitive information, posing a security threat to the organization.

Recommendation

It is recommended to disable the remote REST request policy or update to the latest version to minimize risk.

Original NVD description (English source)

IBM Robotic Process Automation 21.0.0 through 21.0.7.1 runtime is vulnerable to information disclosure of script content if the remote REST request computer policy is enabled. IBM X-Force ID: 263470.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS