CVE-2023-23476

Name of the Vulnerable Software and Affected Versions IBM Robotic Process Automation versions 21.0.0 through 21.0.7.latest

Description The issue is related to insufficient authorization validation on some API routes, which can allow unauthorized access to data. This can potentially enable a remote attacker to disclose protected information about the vulnerable system.

Recommendations For versions 21.0.0 through 21.0.7.latest, consider restricting access to the affected API routes until a patch is available. As a temporary workaround, review and strengthen authorization validation on all API endpoints to minimize the risk of exploitation.