Ibm

Robotic Process Automation With Automation Anywhere

19 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2020-4901

  • EPSS 0.33%
  • Published 07.05.2021 16:15:07
  • Last modified 21.11.2024 05:33:23

IBM Robotic Process Automation with Automation Anywhere 11.0 could allow an attacker on the network to obtain sensitive information or cause a denial of service through username enumeration. IBM X-Force ID: 190992.

5.3

CVE-2019-4337

  • EPSS 0.21%
  • Published 01.07.2019 15:15:12
  • Last modified 21.11.2024 04:43:29

IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker to obtain sensitive information due to missing authentication in Ignite nodes. IBM X-Force ID: 161412.

9.8

CVE-2019-4336

  • EPSS 0.63%
  • Published 01.07.2019 15:15:12
  • Last modified 21.11.2024 04:43:29

IBM Robotic Process Automation with Automation Anywhere 11 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 161411.

5.5

CVE-2019-4299

  • EPSS 0.1%
  • Published 01.07.2019 15:15:12
  • Last modified 21.11.2024 04:43:26

IBM Robotic Process Automation with Automation Anywhere 11 could allow a local user to obtain highly sensitive information from log files when debugging is enabled. IBM X-Force ID: 160765.

7.1

CVE-2019-4298

  • EPSS 0.1%
  • Published 01.07.2019 15:15:12
  • Last modified 21.11.2024 04:43:26

IBM Robotic Process Automation with Automation Anywhere 11 uses a high privileged PostgreSQL account for database access which could allow a local user to perform actions they should not have privileges to execute. IBM X-Force ID: 160764.

5.5

CVE-2019-4297

  • EPSS 0.21%
  • Published 01.07.2019 15:15:12
  • Last modified 21.11.2024 04:43:26

IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability to make unauthorized queries or mo...

3.3

CVE-2019-4296

  • EPSS 0.09%
  • Published 01.07.2019 15:15:12
  • Last modified 21.11.2024 04:43:26

IBM Robotic Process Automation with Automation Anywhere 11 information disclosure could allow a local user to obtain e-mail contents from the client debug log file. IBM X-Force ID: 160759.

4.9

CVE-2019-4295

  • EPSS 0.27%
  • Published 01.07.2019 15:15:12
  • Last modified 21.11.2024 04:43:26

IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker with specialized access to obtain highly sensitive from the credential vault. IBM X-Force ID: 160758.

5.4

CVE-2018-1908

  • EPSS 0.23%
  • Published 14.03.2019 22:29:00
  • Last modified 21.11.2024 04:00:34

IBM Robotic Process Automation with Automation Anywhere 11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credent...

4.9

CVE-2018-2006

  • EPSS 0.22%
  • Published 21.02.2019 17:29:00
  • Last modified 21.11.2024 04:03:34

IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to upload arbitrary files to ...