Ibm

Robotic Process Automation With Automation Anywhere

19 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2018-1878

  • EPSS 0.14%
  • Published 02.11.2018 15:29:00
  • Last modified 21.11.2024 04:00:31

IBM Robotic Process Automation with Automation Anywhere 11 could disclose sensitive information in a web request that could aid in future attacks against the system. IBM X-Force ID: 151714.

7.8

CVE-2018-1877

  • EPSS 0.02%
  • Published 02.11.2018 15:29:00
  • Last modified 21.11.2024 04:00:31

IBM Robotic Process Automation with Automation Anywhere 11 could store highly sensitive information in the form of unencrypted passwords that would be available to a local user. IBM X-Force ID: 151713.

5.5

CVE-2018-1876

  • EPSS 0.05%
  • Published 02.11.2018 15:29:00
  • Last modified 21.11.2024 04:00:31

IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the password in a Control Room log file after installation. IBM X-Force ID: 151707.

9.3

CVE-2018-1552

  • EPSS 1.87%
  • Published 02.11.2018 15:29:00
  • Last modified 21.11.2024 04:00:00

IBM Robotic Process Automation with Automation Anywhere 10.0 and 11.0 allows a remote attacker to execute arbitrary code on the system, caused by a missing restriction in which file types can be uploaded to the control room. By uploading a malicious ...

5.4

CVE-2018-1812

  • EPSS 0.11%
  • Published 05.10.2018 13:29:09
  • Last modified 21.11.2024 04:00:24

IBM Robotic Process Automation with Automation Anywhere Enterprise 10 is vulnerable to persistent cross-site scripting, caused by missing escaping of a database field. An attacker that has access to the Control Room database could exploit this vulner...

6.1

CVE-2018-1795

  • EPSS 0.17%
  • Published 05.10.2018 13:29:09
  • Last modified 21.11.2024 04:00:23

IBM Robotic Process Automation with Automation Anywhere Enterprise 10 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading...

7.7

CVE-2018-1547

  • EPSS 1.22%
  • Published 07.06.2018 14:29:00
  • Last modified 21.11.2024 03:59:59

IBM Robotic Process Automation with Automation Anywhere 10.0 could allow a remote attacker to execute arbitrary code on the system, caused by improper output encoding in an CSV export. By persuading a victim to download the CSV export, to open it in ...

8.8

CVE-2018-1514

  • EPSS 0.09%
  • Published 07.06.2018 14:29:00
  • Last modified 21.11.2024 03:59:56

IBM Robotic Process Automation with Automation Anywhere 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 1416...

5.4

CVE-2017-1751

  • EPSS 0.25%
  • Published 20.12.2017 18:29:01
  • Last modified 20.04.2025 01:37:25

IBM Robotic Process Automation with Automation Anywhere 10.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cre...