CVE Catalog
CVE-2023-40370
LowCVSS 3.7Exploitation Probability (EPSS)
Low risk0.41%
33th percentile — higher than 33% of all known CVEs
Summary
IBM Robotic Process Automation versions 21.0.0 through 21.0.7.1 is vulnerable to information disclosure of script content if the remote REST request policy is enabled.
Risk Assessment
Disclosure of script content may lead to leakage of sensitive information, posing a security threat to the organization.
Recommendation
It is recommended to disable the remote REST request policy or update to the latest version to minimize risk.
Original NVD description (English source)
IBM Robotic Process Automation 21.0.0 through 21.0.7.1 runtime is vulnerable to information disclosure of script content if the remote REST request computer policy is enabled. IBM X-Force ID: 263470.

