Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Ibm Subscribe
Filtered by product Robotic Process Automation With Automation Anywhere

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-4298 1 Ibm 1 Robotic Process Automation With Automation Anywhere 2020-08-24 3.6 LOW 7.1 HIGH
IBM Robotic Process Automation with Automation Anywhere 11 uses a high privileged PostgreSQL account for database access which could allow a local user to perform actions they should not have privileges to execute. IBM X-Force ID: 160764.
CVE-2018-1877 1 Ibm 1 Robotic Process Automation With Automation Anywhere 2019-10-09 2.1 LOW 7.8 HIGH
IBM Robotic Process Automation with Automation Anywhere 11 could store highly sensitive information in the form of unencrypted passwords that would be available to a local user. IBM X-Force ID: 151713.
CVE-2018-1514 1 Ibm 1 Robotic Process Automation With Automation Anywhere 2019-10-09 6.8 MEDIUM 8.8 HIGH
IBM Robotic Process Automation with Automation Anywhere 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 141622.
CVE-2018-1547 1 Ibm 1 Robotic Process Automation With Automation Anywhere 2019-10-09 5.1 MEDIUM 7.7 HIGH
IBM Robotic Process Automation with Automation Anywhere 10.0 could allow a remote attacker to execute arbitrary code on the system, caused by improper output encoding in an CSV export. By persuading a victim to download the CSV export, to open it in Microsoft Excel and to confirm the two security questions, an attacker could exploit this vulnerability to run any command or program on the victim's machine. IBM X-Force ID: 142651.
CVE-2018-1552 1 Ibm 1 Robotic Process Automation With Automation Anywhere 2019-10-09 9.3 HIGH 8.8 HIGH
IBM Robotic Process Automation with Automation Anywhere 10.0 and 11.0 allows a remote attacker to execute arbitrary code on the system, caused by a missing restriction in which file types can be uploaded to the control room. By uploading a malicious file and tricking a victim to run it, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 142889.