CyberSec.Space Logo
Back to CVE Browser

CVE-2019-4298

HIGH
7.1
CVSS Severity Score
EPSS Score0.0640%
EPSS Percentile9.55th
PublishedJul 1, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

IBM Robotic Process Automation with Automation Anywhere 11 uses a high privileged PostgreSQL account for database access which could allow a local user to perform actions they should not have privileges to execute. IBM X-Force ID: 160764.

Affected Platforms (CPE)

πŸ“¦
Ibm

Robotic Process Automation With Automation Anywhere

>= 11.0.0.0 and < 11.0.0.5

References & Advisories

πŸ”— http://www.ibm.com/support/docview.wss?uid=ibm10884820
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/160764
πŸ”— http://www.ibm.com/support/docview.wss?uid=ibm10884820
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/160764

Related Vulnerabilities

CVE-2019-43369.8

IBM Robotic Process Automation with Automation Anywhere 11 uses an inadequate account lockout setting that could allow a remote at...

CVE-2018-15478.0

IBM Robotic Process Automation with Automation Anywhere 10.0 could allow a remote attacker to execute arbitrary code on the system...

CVE-2020-49016.5

IBM Robotic Process Automation with Automation Anywhere 11.0 could allow an attacker on the network to obtain sensitive informatio...

CVE-2018-18766.2

IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the password in a Control Room log f...