CVE-2022-22413

Name of the Vulnerable Software and Affected Versions IBM Robotic Process Automation versions 21.0.0 through 21.0.2

Description The issue allows a remote attacker to send specially crafted SQL statements, potentially enabling them to view, add, modify, or delete information in the back-end database. This is due to a SQL injection vulnerability.

Recommendations For versions 21.0.0 through 21.0.2, update to a version that includes a fix for this issue to prevent SQL injection attacks. As a temporary workaround, consider restricting access to the database and limiting the execution of SQL statements from untrusted sources.