Critical Severity

Security Bulletin: IBM Robotic Process Automation may be affected by multiple vulnerabilities in open source components (CVE-2019-0820, CVE-2020-15522, CVE-2021-43569)

Share this post:

Multiple vulnerabilities in IBM Robotic Process Automation 21.0.1
Bouncy Castle is used by IBM Robotic Process Automation as part of it’s cryptograpy implementation. CVE-2020-15522.
Stark Bank Elixir is used by IBM Robotic Process Automation as part of it’s cryptograpy implementation. CVE-2021-43569.
IBM Robotic Process Automation is built using C# using Microsoft .NET Framework and Microsoft .NET Core. CVE-2020-15522.

CVE(s): CVE-2020-15522, CVE-2021-43569, CVE-2019-0820

Affected product(s) and affected version(s):

 

Affected Product(s) Version(s)
IBM Robotic Process Automation 21.0.1  < 21.0.1.5

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6598793
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/202188
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/213249
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/160363

More stories

Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to remote code execution due to Apache Commons Configuration (CVE-2022-33980)

August 16, 2022 | Critical Severity

There is a vulnerability in Apache Commons Configuration used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVE [CVE-2022-33980]. ...read more


Security Bulletin: Multiple vulnerabilities in expat, glibc, http server, dojo, openssl shipped with IBM Cloud Pak System

August 15, 2022 | Critical Severity

Multiple vulnerabilities in expat, glibc, http server, dojo, openssl shipped with Cloud Pak System. Cloud Pak System has addressed these vulnerabilities. ...read more


Security Bulletin: Apache Commons Configuration Vulnerability affects IBM SPSS Modeler [CVE-2022-33980]

August 15, 2022 | Critical Severity

There is a vulnerability in the version of Apache Commons Configuration that was included in IBM SPSS Modeler. This vulnerability has been addressed. [CVE-2022-33980] ...read more