Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
IbmRobotic Process Automation With Automation Anywhere

8 matches found

CVE
CVEadded 2018/06/07 2:29 p.m.46 views

CVE-2018-1547

IBM Robotic Process Automation with Automation Anywhere 10.0 could allow a remote attacker to execute arbitrary code on the system, caused by improper output encoding in an CSV export. By persuading a victim to download the CSV export, to open it in Microsoft Excel and to confirm the two security q...

8CVSS7.7AI score0.01219EPSS
CVE
CVEadded 2018/11/02 3:29 p.m.41 views

CVE-2018-1552

IBM Robotic Process Automation with Automation Anywhere 10.0 and 11.0 allows a remote attacker to execute arbitrary code on the system, caused by a missing restriction in which file types can be uploaded to the control room. By uploading a malicious file and tricking a victim to run it, an attacker...

9.3CVSS8.6AI score0.01874EPSS
CVE
CVEadded 2018/11/02 3:29 p.m.36 views

CVE-2018-1878

IBM Robotic Process Automation with Automation Anywhere 11 could disclose sensitive information in a web request that could aid in future attacks against the system. IBM X-Force ID: 151714.

5.3CVSS4.9AI score0.0014EPSS
CVE
CVEadded 2018/11/02 3:29 p.m.32 views

CVE-2018-1877

IBM Robotic Process Automation with Automation Anywhere 11 could store highly sensitive information in the form of unencrypted passwords that would be available to a local user. IBM X-Force ID: 151713.

7.8CVSS7AI score0.00017EPSS
CVE
CVEadded 2018/10/05 1:29 p.m.31 views

CVE-2018-1795

IBM Robotic Process Automation with Automation Anywhere Enterprise 10 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessi...

6.1CVSS5.8AI score0.00166EPSS
CVE
CVEadded 2018/10/05 1:29 p.m.31 views

CVE-2018-1812

IBM Robotic Process Automation with Automation Anywhere Enterprise 10 is vulnerable to persistent cross-site scripting, caused by missing escaping of a database field. An attacker that has access to the Control Room database could exploit this vulnerability to execute script in a victim's web brows...

5.4CVSS5.4AI score0.00111EPSS
CVE
CVEadded 2018/06/07 2:29 p.m.29 views

CVE-2018-1514

IBM Robotic Process Automation with Automation Anywhere 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 141622.

8.8CVSS8.4AI score0.00094EPSS
CVE
CVEadded 2018/11/02 3:29 p.m.26 views

CVE-2018-1876

IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the password in a Control Room log file after installation. IBM X-Force ID: 151707.

6.2CVSS5.4AI score0.00047EPSS