Vulnerabilities > IBM > Robotic Process Automation With Automation Anywhere > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-07 | CVE-2020-4901 | Unspecified vulnerability in IBM Robotic Process Automation With Automation Anywhere IBM Robotic Process Automation with Automation Anywhere 11.0 could allow an attacker on the network to obtain sensitive information or cause a denial of service through username enumeration. | 6.5 |
| 2019-07-01 | CVE-2019-4337 | Missing Authentication for Critical Function vulnerability in IBM Robotic Process Automation With Automation Anywhere 11.0.0.0/11.0.0.1/11.0.0.2 IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker to obtain sensitive information due to missing authentication in Ignite nodes. | 5.3 |
| 2019-07-01 | CVE-2019-4299 | Information Exposure Through Log Files vulnerability in IBM Robotic Process Automation With Automation Anywhere IBM Robotic Process Automation with Automation Anywhere 11 could allow a local user to obtain highly sensitive information from log files when debugging is enabled. | 5.5 |
| 2019-07-01 | CVE-2019-4297 | LDAP Injection vulnerability in IBM Robotic Process Automation With Automation Anywhere IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote authenticated attacker to conduct an LDAP injection. | 5.4 |
| 2019-07-01 | CVE-2019-4295 | Unspecified vulnerability in IBM Robotic Process Automation With Automation Anywhere IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker with specialized access to obtain highly sensitive from the credential vault. | 4.9 |
| 2019-03-14 | CVE-2018-1908 | Cross-site Scripting vulnerability in IBM Robotic Process Automation With Automation Anywhere 11.0/11.0.0.0/11.0.0.1 IBM Robotic Process Automation with Automation Anywhere 11 is vulnerable to cross-site scripting. | 5.4 |
| 2019-02-21 | CVE-2018-2006 | Path Traversal vulnerability in IBM Robotic Process Automation With Automation Anywhere 11.0.0.0/11.0.0.1/11.0.0.2 IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote attacker to traverse directories on the system. | 4.9 |
| 2018-11-02 | CVE-2018-1878 | Information Exposure vulnerability in IBM Robotic Process Automation With Automation Anywhere 11 IBM Robotic Process Automation with Automation Anywhere 11 could disclose sensitive information in a web request that could aid in future attacks against the system. | 5.3 |
| 2018-11-02 | CVE-2018-1876 | Information Exposure Through Log Files vulnerability in IBM Robotic Process Automation With Automation Anywhere 11.0 IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the password in a Control Room log file after installation. | 5.5 |
| 2018-10-05 | CVE-2018-1812 | Cross-site Scripting vulnerability in IBM Robotic Process Automation With Automation Anywhere 10.0 IBM Robotic Process Automation with Automation Anywhere Enterprise 10 is vulnerable to persistent cross-site scripting, caused by missing escaping of a database field. | 5.4 |