Vulnerability Description
IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.4 and 23.0.0 through 23.0.5 is vulnerable to disclosing server version information which may be used to determine software vulnerabilities at the operating system level. IBM X-Force ID: 259368.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Robotic Process Automation | <= 21.0.7.4 |
| Ibm | Robotic Process Automation As A Service | <= 21.0.7.4 |
| Ibm | Robotic Process Automation For Cloud Pak | <= 21.0.7.4 |
| Redhat | Openshift | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/259368VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/7010895PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/259368VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/7010895PatchVendor Advisory
FAQ
What is CVE-2023-35900?
CVE-2023-35900 is a vulnerability with a CVSS score of 4.3 (MEDIUM). IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.4 and 23.0.0 through 23.0.5 is vulnerable to disclosing server version information which may be used to determine software vulnerabil...
How severe is CVE-2023-35900?
CVE-2023-35900 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-35900?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Robotic Process Automation, Ibm Robotic Process Automation As A Service, Ibm Robotic Process Automation For Cloud Pak, Redhat Openshift, Microsoft Windows.