Vulnerabilities > IBM > Robotic Process Automation With Automation Anywhere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-02 | CVE-2018-1878 | Information Exposure vulnerability in IBM Robotic Process Automation With Automation Anywhere 11 IBM Robotic Process Automation with Automation Anywhere 11 could disclose sensitive information in a web request that could aid in future attacks against the system. | 5.3 |
| 2018-11-02 | CVE-2018-1877 | Cleartext Storage of Sensitive Information vulnerability in IBM Robotic Process Automation With Automation Anywhere 11.0 IBM Robotic Process Automation with Automation Anywhere 11 could store highly sensitive information in the form of unencrypted passwords that would be available to a local user. | 7.8 |
| 2018-11-02 | CVE-2018-1876 | Information Exposure Through Log Files vulnerability in IBM Robotic Process Automation With Automation Anywhere 11.0 IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the password in a Control Room log file after installation. | 5.5 |
| 2018-11-02 | CVE-2018-1552 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Robotic Process Automation With Automation Anywhere 10/11 IBM Robotic Process Automation with Automation Anywhere 10.0 and 11.0 allows a remote attacker to execute arbitrary code on the system, caused by a missing restriction in which file types can be uploaded to the control room. | 8.8 |
| 2018-10-05 | CVE-2018-1812 | Cross-site Scripting vulnerability in IBM Robotic Process Automation With Automation Anywhere 10.0 IBM Robotic Process Automation with Automation Anywhere Enterprise 10 is vulnerable to persistent cross-site scripting, caused by missing escaping of a database field. | 5.4 |
| 2018-10-05 | CVE-2018-1795 | Cross-site Scripting vulnerability in IBM Robotic Process Automation With Automation Anywhere 10.0 IBM Robotic Process Automation with Automation Anywhere Enterprise 10 is vulnerable to cross-site scripting. | 6.1 |
| 2018-06-07 | CVE-2018-1547 | Unspecified vulnerability in IBM Robotic Process Automation With Automation Anywhere 10.0 IBM Robotic Process Automation with Automation Anywhere 10.0 could allow a remote attacker to execute arbitrary code on the system, caused by improper output encoding in an CSV export. | 7.7 |
| 2018-06-07 | CVE-2018-1514 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Robotic Process Automation With Automation Anywhere 10.0 IBM Robotic Process Automation with Automation Anywhere 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2017-12-20 | CVE-2017-1751 | Cross-site Scripting vulnerability in IBM Robotic Process Automation With Automation Anywhere 10.0.0 IBM Robotic Process Automation with Automation Anywhere 10.0.0 is vulnerable to cross-site scripting. | 5.4 |