Lucene search
+L
IbmRobotic Process Automation With Automation Anywhere

19 matches found

CVE
CVE
added 2019/07/01 3:5 p.m.74 views

CVE-2019-4297

IBM Robotic Process Automation with Automation Anywhere (version 11) is affected by CVE-2019-4297 due to an LDAP injection in the LDAP handling path. The vulnerability allows a remote authenticated attacker to craft requests that can query or modify LDAP content. The IBM security bulletin confirm...

6.4CVSS5.4AI score0.01058EPSS
CVE
CVE
added 2019/07/01 3:5 p.m.72 views

CVE-2019-4337

CVE-2019-4337 affects IBM Robotic Process Automation with Automation Anywhere (version 11). The IBM bulletin documents an information-disclosure vulnerability caused by missing authentication in Ignite cluster nodes, enabling an attacker to obtain sensitive information. CVSS details in the entry ...

5.3CVSS5AI score0.01358EPSS
CVE
CVE
added 2019/07/01 3:5 p.m.71 views

CVE-2019-4296

IBM Robotic Process Automation with Automation Anywhere (11.0) is affected by CVE-2019-4296. The issue allows a local attacker to read email contents from the client debug log file due to logging of sensitive data, constituting an information-disclosure vulnerability. Affected version: 11.0.0.0–1...

4CVSS3.4AI score0.00298EPSS
CVE
CVE
added 2019/07/01 3:5 p.m.71 views

CVE-2019-4298

Summary of CVE-2019-4298 / IBM RPA with Automation Anywhere 11 : The vulnerability stems from using a high-privilege PostgreSQL admin account for application database access, enabling a local user to perform actions beyond their privileges. Affected product/version: IBM Robotic Process Automation...

7.7CVSS6.4AI score0.00319EPSS
CVE
CVE
added 2019/07/01 3:5 p.m.71 views

CVE-2019-4336

CVE-2019-4336 affects IBM Robotic Process Automation with Automation Anywhere (v11). The vulnerability stems from an inadequate account lockout setting in the Forgot-Password/authentication flow, enabling a remote attacker to brute-force credentials. This is supported by multiple sources (NVD ent...

9.8CVSS8.8AI score0.02006EPSS
CVE
CVE
added 2019/07/01 3:5 p.m.66 views

CVE-2019-4295

CVE-2019-4295 affects IBM Robotic Process Automation with Automation Anywhere version 11.0. The issue allows an attacker with specialized access to obtain highly sensitive information from the Credential Vault, representing a high-confidentiality disclosure (CVSSv3 base score 4.9). The IBM bullet...

4.9CVSS4.8AI score0.01132EPSS
CVE
CVE
added 2019/07/01 3:5 p.m.64 views

CVE-2019-4299

The CVE concerns IBM Robotic Process Automation with Automation Anywhere (11.0). A local attacker could access highly sensitive information from debug log files due to a logging exposure in the Client; the root cause is log data written when debugging is enabled. Impact is indicated as HIGH confi...

5.5CVSS5AI score0.00277EPSS
CVE
CVE
added 2021/05/07 3:45 p.m.60 views

CVE-2020-4901

The CVE-2020-4901 issue affects IBM Robotic Process Automation with Automation Anywhere 11.0. The root cause is an information-disclosure vulnerability enabling an attacker on the network to obtain sensitive data (via username enumeration) and, in some cases, trigger a denial of service. The avai...

6.5CVSS6.3AI score0.01078EPSS
CVE
CVE
added 2019/02/21 5:0 p.m.59 views

CVE-2018-2006

CVE-2018-2006 affects IBM Robotic Process Automation with Automation Anywhere (AA) 11.0. It is a directory traversal vulnerability where a remote attacker can craft a URL with dot-dot sequences (../) to traverse the filesystem and upload arbitrary files. The CVSS evidence indicates network access...

4.9CVSS5.1AI score0.02484EPSS
CVE
CVE
added 2018/06/07 2:0 p.m.58 views

CVE-2018-1547

IBM Robotic Process Automation with Automation Anywhere 10.0 is affected by CVE-2018-1547 due to improper output encoding in CSV exports, enabling remote code execution when a user opens a CSV and confirms two security questions in Excel. The vulnerability arises from encoding issues in the CSV e...

8CVSS7.7AI score0.02178EPSS
CVE
CVE
added 2017/12/20 6:0 p.m.55 views

CVE-2017-1751

CVE-2017-1751 affects IBM Robotic Process Automation with Automation Anywhere 10.0.0. The issue is a cross-site scripting vulnerability in the Web UI that lets an attacker embed arbitrary JavaScript, potentially exposing credentials within a trusted session. The root cause is insufficient input f...

5.4CVSS5.2AI score0.00694EPSS
CVE
CVE
added 2018/10/05 1:0 p.m.54 views

CVE-2018-1812

CVE-2018-1812 affects IBM Robotic Process Automation with Automation Anywhere Enterprise (V10.0). The vulnerability is a persistent cross-site scripting flaw caused by missing escaping of a database field in the Control Room, allowing an attacker with database access to execute scripts in a victi...

5.4CVSS5.4AI score0.0066EPSS
CVE
CVE
added 2018/11/02 3:0 p.m.53 views

CVE-2018-1552

CVE-2018-1552 affects IBM Robotic Process Automation with Automation Anywhere, versions 10.0 and 11.0. The vulnerability stems from a missing restriction on the types of files that can be uploaded to the control room, enabling a remote attacker to upload a malicious file and trick a user into exe...

9.3CVSS8.6AI score0.02908EPSS
CVE
CVE
added 2018/11/02 3:0 p.m.49 views

CVE-2018-1878

CVE-2018-1878 affects IBM Robotic Process Automation with Automation Anywhere (11.0). The root cause is an information disclosure in web requests that could reveal sensitive data to an attacker, enabling future attacks. Affected version: 11.0.0.1. Remediation: upgrade to IBM Robotic Process Autom...

5.3CVSS4.9AI score0.01301EPSS
CVE
CVE
added 2018/10/05 1:0 p.m.46 views

CVE-2018-1795

The CVE-2018-1795 entry concerns IBM Robotic Process Automation with Automation Anywhere Enterprise 10 (V10.0), where a cross-site scripting vulnerability exists in the Web UI that can allow injection of arbitrary JavaScript code and potentially lead to credentials disclosure within a trusted ses...

6.1CVSS5.8AI score0.00894EPSS
CVE
CVE
added 2018/11/02 3:0 p.m.43 views

CVE-2018-1877

CVE-2018-1877 affects IBM Robotic Process Automation with Automation Anywhere (11.0). The vulnerability stems from storing highly sensitive information as unencrypted passwords, making them readable by a local user. Impact is information disclosure of credentials stored by the RPA component. Reme...

7.8CVSS7AI score0.00245EPSS
CVE
CVE
added 2018/06/07 2:0 p.m.39 views

CVE-2018-1514

IBM Robotic Process Automation with Automation Anywhere 10.0 is vulnerable to cross‑site request forgery (CVE-2018-1514). The issue arises from CSRF allowing a remote attacker to trigger malicious actions transmitted from a trusted user session. Affected product/version: IBM Robotic Process Autom...

8.8CVSS8.4AI score0.00527EPSS
CVE
CVE
added 2018/11/02 3:0 p.m.39 views

CVE-2018-1876

CVE-2018-1876 affects IBM Robotic Process Automation with Automation Anywhere 11.0, where passwords may be written in plaintext to a Control Room log file after installation. Affected versions: 11.0 (fixed in 11.0.0.2, with remediation JR60077). The issue stems from logging behavior in the produc...

6.2CVSS5.4AI score0.00369EPSS
CVE
CVE
added 2019/03/14 11:0 p.m.39 views

CVE-2018-1908

CVE-2018-1908 affects IBM Robotic Process Automation with Automation Anywhere version 11.0, where a cross-site scripting (XSS) vulnerability in the Web UI could allow an attacker to inject arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. Documented imp...

5.4CVSS5.2AI score0.00968EPSS