Ibm · Ibm Robotic Process Automation · CVE-2023-23476
**Name of the Vulnerable Software and Affected Versions**
IBM Robotic Process Automation versions 21.0.0 through 21.0.7.latest
**Description**
The issue is related to insufficient authorization validation on some API routes, which can allow unauthorized access to data. This can potentially enable a remote attacker to disclose protected information about the vulnerable system.
**Recommendations**
For versions 21.0.0 through 21.0.7.latest, consider restricting access to the affected API routes until a patch is available. As a temporary workaround, review and strengthen authorization validation on all API endpoints to minimize the risk of exploitation.