Robotic Process Automation With Automation Anywhere

robotic_process_automation_with_automation_anywhere

Vendor: Ibm • 19 CVEs

CVEs (19)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-4901 1Ibm 1Robotic Process Automation With Automation Anywhere Nov 21, 2024 May 7, 2021 N/A· v4 6.5 MEDIUM· v3 6.4 MEDIUM· v2 IBM Robotic Process Automation with Automation Anywhere 11.0 could allow an attacker on the network to obtain sensitive information or cause a denial of service through username enumeration. IBM X-Force ID: 190992.
CVE-2019-4337 1Ibm 1Robotic Process Automation With Automation Anywhere Jun 17, 2026 Jul 1, 2019 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker to obtain sensitive information due to missing authentication in Ignite nodes. IBM X-Force ID: 161412.
CVE-2019-4336 1Ibm 1Robotic Process Automation With Automation Anywhere Jun 17, 2026 Jul 1, 2019 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 IBM Robotic Process Automation with Automation Anywhere 11 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 161411.
CVE-2019-4299 1Ibm 1Robotic Process Automation With Automation Anywhere Jun 17, 2026 Jul 1, 2019 N/A· v4 5.5 MEDIUM· v3 1.9 LOW· v2 IBM Robotic Process Automation with Automation Anywhere 11 could allow a local user to obtain highly sensitive information from log files when debugging is enabled. IBM X-Force ID: 160765.
CVE-2019-4298 1Ibm 1Robotic Process Automation With Automation Anywhere Jun 17, 2026 Jul 1, 2019 N/A· v4 7.1 HIGH· v3 3.6 LOW· v2 IBM Robotic Process Automation with Automation Anywhere 11 uses a high privileged PostgreSQL account for database access which could allow a local user to perform actions they should not have privileges to execute. IBM X...Show more IBM Robotic Process Automation with Automation Anywhere 11 uses a high privileged PostgreSQL account for database access which could allow a local user to perform actions they should not have privileges to execute. IBM X-Force ID: 160764.Show less
CVE-2019-4297 1Ibm 1Robotic Process Automation With Automation Anywhere Jun 17, 2026 Jul 1, 2019 N/A· v4 5.4 MEDIUM· v3 5.5 MEDIUM· v2 IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability to m...Show more IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability to make unauthorized queries or modify the LDAP content. IBM X-Force ID: 160761.Show less
CVE-2019-4296 1Ibm 1Robotic Process Automation With Automation Anywhere Jun 17, 2026 Jul 1, 2019 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 IBM Robotic Process Automation with Automation Anywhere 11 information disclosure could allow a local user to obtain e-mail contents from the client debug log file. IBM X-Force ID: 160759.
CVE-2019-4295 1Ibm 1Robotic Process Automation With Automation Anywhere Jun 17, 2026 Jul 1, 2019 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker with specialized access to obtain highly sensitive from the credential vault. IBM X-Force ID: 160758.
CVE-2018-1908 1Ibm 1Robotic Process Automation With Automation Anywhere Nov 21, 2024 Mar 14, 2019 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 IBM Robotic Process Automation with Automation Anywhere 11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...Show more IBM Robotic Process Automation with Automation Anywhere 11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152671.Show less
CVE-2018-2006 1Ibm 1Robotic Process Automation With Automation Anywhere Nov 21, 2024 Feb 21, 2019 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../)...Show more IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to upload arbitrary files to the system. IBM X-Force ID: 155008.Show less
CVE-2018-1878 1Ibm 1Robotic Process Automation With Automation Anywhere Nov 21, 2024 Nov 2, 2018 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 IBM Robotic Process Automation with Automation Anywhere 11 could disclose sensitive information in a web request that could aid in future attacks against the system. IBM X-Force ID: 151714.
CVE-2018-1877 1Ibm 1Robotic Process Automation With Automation Anywhere Nov 21, 2024 Nov 2, 2018 N/A· v4 7.8 HIGH· v3 2.1 LOW· v2 IBM Robotic Process Automation with Automation Anywhere 11 could store highly sensitive information in the form of unencrypted passwords that would be available to a local user. IBM X-Force ID: 151713.
CVE-2018-1876 1Ibm 1Robotic Process Automation With Automation Anywhere Nov 21, 2024 Nov 2, 2018 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the password in a Control Room log file after installation. IBM X-Force ID: 151707.
CVE-2018-1552 1Ibm 1Robotic Process Automation With Automation Anywhere Nov 21, 2024 Nov 2, 2018 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 IBM Robotic Process Automation with Automation Anywhere 10.0 and 11.0 allows a remote attacker to execute arbitrary code on the system, caused by a missing restriction in which file types can be uploaded to the control r...Show more IBM Robotic Process Automation with Automation Anywhere 10.0 and 11.0 allows a remote attacker to execute arbitrary code on the system, caused by a missing restriction in which file types can be uploaded to the control room. By uploading a malicious file and tricking a victim to run it, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 142889.Show less
CVE-2018-1812 1Ibm 1Robotic Process Automation With Automation Anywhere Nov 21, 2024 Oct 5, 2018 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 IBM Robotic Process Automation with Automation Anywhere Enterprise 10 is vulnerable to persistent cross-site scripting, caused by missing escaping of a database field. An attacker that has access to the Control Room data...Show more IBM Robotic Process Automation with Automation Anywhere Enterprise 10 is vulnerable to persistent cross-site scripting, caused by missing escaping of a database field. An attacker that has access to the Control Room database could exploit this vulnerability to execute script in a victim's web browser within the security context of the hosting Web site, once victim opens a certain page in Control Room. IBM X-Force ID: 149883.Show less
CVE-2018-1795 1Ibm 1Robotic Process Automation With Automation Anywhere Nov 21, 2024 Oct 5, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 IBM Robotic Process Automation with Automation Anywhere Enterprise 10 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fun...Show more IBM Robotic Process Automation with Automation Anywhere Enterprise 10 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 149073.Show less
CVE-2018-1547 1Ibm 1Robotic Process Automation With Automation Anywhere Nov 21, 2024 Jun 7, 2018 N/A· v4 7.7 HIGH· v3 5.1 MEDIUM· v2 IBM Robotic Process Automation with Automation Anywhere 10.0 could allow a remote attacker to execute arbitrary code on the system, caused by improper output encoding in an CSV export. By persuading a victim to download...Show more IBM Robotic Process Automation with Automation Anywhere 10.0 could allow a remote attacker to execute arbitrary code on the system, caused by improper output encoding in an CSV export. By persuading a victim to download the CSV export, to open it in Microsoft Excel and to confirm the two security questions, an attacker could exploit this vulnerability to run any command or program on the victim's machine. IBM X-Force ID: 142651.Show less
CVE-2018-1514 1Ibm 1Robotic Process Automation With Automation Anywhere Nov 21, 2024 Jun 7, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 IBM Robotic Process Automation with Automation Anywhere 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the websit...Show more IBM Robotic Process Automation with Automation Anywhere 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 141622.Show less
CVE-2017-1751 1Ibm 1Robotic Process Automation With Automation Anywhere May 13, 2026 Dec 20, 2017 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 IBM Robotic Process Automation with Automation Anywhere 10.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functional...Show more IBM Robotic Process Automation with Automation Anywhere 10.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 135546.Show less