Robotic Process Automation With Automation Anywhere@* Security Vulnerabilities and Issues — Robotic Process Automation With Automation Anywhere@* CVE List

Lucene search

IbmRobotic Process Automation With Automation Anywhere*

10 matches found

CVE•added 2019/07/01 3:15 p.m.•60 views

CVE-2019-4296

IBM Robotic Process Automation with Automation Anywhere 11 information disclosure could allow a local user to obtain e-mail contents from the client debug log file. IBM X-Force ID: 160759.

4CVSS3.4AI score0.00093EPSS

CVE•added 2019/07/01 3:15 p.m.•59 views

CVE-2019-4297

IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability to make unauthorized queries or modify the LDAP content. IBM X-Force ID: 160761.

6.4CVSS5.4AI score0.0021EPSS

CVE•added 2019/07/01 3:15 p.m.•57 views

CVE-2019-4336

IBM Robotic Process Automation with Automation Anywhere 11 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 161411.

9.8CVSS8.8AI score0.00633EPSS

CVE•added 2019/07/01 3:15 p.m.•56 views

CVE-2019-4337

IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker to obtain sensitive information due to missing authentication in Ignite nodes. IBM X-Force ID: 161412.

5.3CVSS5AI score0.00222EPSS

CVE•added 2019/07/01 3:15 p.m.•54 views

CVE-2019-4295

IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker with specialized access to obtain highly sensitive from the credential vault. IBM X-Force ID: 160758.

4.9CVSS4.8AI score0.00287EPSS

CVE•added 2019/07/01 3:15 p.m.•54 views

CVE-2019-4298

IBM Robotic Process Automation with Automation Anywhere 11 uses a high privileged PostgreSQL account for database access which could allow a local user to perform actions they should not have privileges to execute. IBM X-Force ID: 160764.

7.7CVSS6.4AI score0.00101EPSS

CVE•added 2019/07/01 3:15 p.m.•49 views

CVE-2019-4299

IBM Robotic Process Automation with Automation Anywhere 11 could allow a local user to obtain highly sensitive information from log files when debugging is enabled. IBM X-Force ID: 160765.

5.5CVSS5AI score0.00101EPSS

CVE•added 2021/05/07 4:15 p.m.•49 views

CVE-2020-4901

IBM Robotic Process Automation with Automation Anywhere 11.0 could allow an attacker on the network to obtain sensitive information or cause a denial of service through username enumeration. IBM X-Force ID: 190992.

6.5CVSS6.3AI score0.00327EPSS

CVE•added 2019/02/21 5:29 p.m.•41 views

CVE-2018-2006

IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to upload arbitrary files to the system. IBM X-Force ID: 155008.

4.9CVSS5.1AI score0.00217EPSS

CVE•added 2019/03/14 11:0 p.m.•25 views

CVE-2018-1908

IBM Robotic Process Automation with Automation Anywhere 11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-F...

5.4CVSS5.2AI score0.00229EPSS