CVE-2019-4337

IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker to obtain sensitive information due to missing authentication in Ignite nodes. IBM X-Force ID: 161412.

CVE-2019-4299

IBM Robotic Process Automation with Automation Anywhere 11 could allow a local user to obtain highly sensitive information from log files when debugging is enabled. IBM X-Force ID: 160765.

CVE-2017-1751

IBM Robotic Process Automation with Automation Anywhere 10.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...

CVE-2018-1878

IBM Robotic Process Automation with Automation Anywhere 11 could disclose sensitive information in a web request that could aid in future attacks against the system. IBM X-Force ID: 151714.

CVE-2018-1812

IBM Robotic Process Automation with Automation Anywhere Enterprise 10 is vulnerable to persistent cross-site scripting, caused by missing escaping of a database field. An attacker that has access to the Control Room database could exploit this vulnerability to execute script in a victim's web brows...

CVE-2018-1908

IBM Robotic Process Automation with Automation Anywhere 11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-F...