CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4901
https://notcve.org/view.php?id=CVE-2020-4901
IBM Robotic Process Automation with Automation Anywhere 11.0 could allow an attacker on the network to obtain sensitive information or cause a denial of service through username enumeration. IBM X-Force ID: 190992. IBM Robotic Process Automation con Automation Anywhere versión 11.0, podría permitir a un atacante en la red obtener información confidencial o causar una denegación de servicio mediante la enumeración de nombres de usuario.  IBM X-Force ID: 190992 • https://exchange.xforce.ibmcloud.com/vulnerabilities/190992 https://www.ibm.com/support/pages/node/6450435 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-4337
https://notcve.org/view.php?id=CVE-2019-4337
IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker to obtain sensitive information due to missing authentication in Ignite nodes. IBM X-Force ID: 161412. IBM Robotic Process Automation with Automation Anywhere versión 11 podría permitir a un atacante obtener información sensible debido a la falta de autenticación en Ignite nodes. ID de IBM X-Force: 161412. • http://www.ibm.com/support/docview.wss?uid=ibm10884850 https://exchange.xforce.ibmcloud.com/vulnerabilities/161412 • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-4336
https://notcve.org/view.php?id=CVE-2019-4336
IBM Robotic Process Automation with Automation Anywhere 11 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 161411. IBM Robotic Process Automation with Automation Anywhere versión 11 emplea una configuración de bloqueo de cuenta inadecuada que podría permitir que un atacante remoto descifre credenciales de cuenta por fuerza bruta. ID de IBM X-Force:161411. • http://www.ibm.com/support/docview.wss?uid=ibm10884848 https://exchange.xforce.ibmcloud.com/vulnerabilities/161411 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-4299
https://notcve.org/view.php?id=CVE-2019-4299
IBM Robotic Process Automation with Automation Anywhere 11 could allow a local user to obtain highly sensitive information from log files when debugging is enabled. IBM X-Force ID: 160765. IBM Robotic Process Automation with Automation Anywhere versión 11 podría permitir que un usuario local obtenga información altamente sensible de los archivos de registro cuando la depuración está habilitada. ID de IBM X-Force: 160765. • http://www.ibm.com/support/docview.wss?uid=ibm10884842 https://exchange.xforce.ibmcloud.com/vulnerabilities/160765 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0CVE-2019-4298
https://notcve.org/view.php?id=CVE-2019-4298
IBM Robotic Process Automation with Automation Anywhere 11 uses a high privileged PostgreSQL account for database access which could allow a local user to perform actions they should not have privileges to execute. IBM X-Force ID: 160764. IBM Robotic Process Automation with Automation Anywhere versión 11 utiiliza una cuenta de PostgreSQL de alto privilegio para el acceso a la base de datos que podría permitir a un usuario local realizar acciones que no deberían tener privilegios para ejecutar. ID de IBM X-Force: 160764. • http://www.ibm.com/support/docview.wss?uid=ibm10884820 https://exchange.xforce.ibmcloud.com/vulnerabilities/160764 •