Page 2 of 12 results (0.005 seconds)

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability to make unauthorized queries or modify the LDAP content. IBM X-Force ID: 160761. IBM Robotic Process Automation with Automation Anywhere versión 11 podría permitir que un atacante remoto autenticado realizar un ataque de inyección LDAP. Mediante el uso de una petición especialmente manipulada, un atacante podría aprovechar esta vulnerabilidad para realizar consultas no autorizadas o modificar el contenido LDAP. • http://www.ibm.com/support/docview.wss?uid=ibm10884826 https://exchange.xforce.ibmcloud.com/vulnerabilities/160761 • CWE-90: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') •

CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0

IBM Robotic Process Automation with Automation Anywhere 11 information disclosure could allow a local user to obtain e-mail contents from the client debug log file. IBM X-Force ID: 160759. IBM Robotic Process Automation with Automation Anywhere versión 11 una divulgación de información podría permitir a un usuario local obtener contenidos de correo electrónico del archivo de registro de depuración del cliente. ID de IBM X-Force: 160759. • http://www.ibm.com/support/docview.wss?uid=ibm10884844 https://exchange.xforce.ibmcloud.com/vulnerabilities/160759 • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker with specialized access to obtain highly sensitive from the credential vault. IBM X-Force ID: 160758. IBM Robotic Process Automation with Automation Anywhere versión 11 podría permitir que un atacante con acceso especializado obtener información altamente confidencial de la bóveda de credenciales. ID de IBM X-Force: 160758. • http://www.ibm.com/support/docview.wss?uid=ibm10884840 https://exchange.xforce.ibmcloud.com/vulnerabilities/160758 •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

IBM Robotic Process Automation with Automation Anywhere 11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152671. IBM Robotic Process Automation with Automation Anywhere 11 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.ibm.com/support/docview.wss?uid=ibm10739253 http://www.securityfocus.com/bid/107431 https://exchange.xforce.ibmcloud.com/vulnerabilities/152671 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0

IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to upload arbitrary files to the system. IBM X-Force ID: 155008. IBM Robotic Process Automation, en su versión "Automation Anywhere 11", podría permitir que un atacante remoto salte directorios en el sistema. Un atacante podría enviar una petición URL especialmente manipulada que contenga secuencias "punto punto" (/../) para subir archivos arbitrarios al sistema. • http://www.securityfocus.com/bid/107122 https://exchange.xforce.ibmcloud.com/vulnerabilities/155008 https://www.ibm.com/support/docview.wss?uid=ibm10794133 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •