CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2019-4298

HIGH
7.1
CVSS Severity Score
EPSS Score0.0640%
EPSS Percentile9.55th
Published2019年7月1日
Last Modified2024年11月21日

Vulnerability Description

IBM Robotic Process Automation with Automation Anywhere 11 uses a high privileged PostgreSQL account for database access which could allow a local user to perform actions they should not have privileges to execute. IBM X-Force ID: 160764.

Affected Platforms (CPE)

📦
Ibm

Robotic Process Automation With Automation Anywhere

>= 11.0.0.0 and < 11.0.0.5

References & Advisories

🔗 http://www.ibm.com/support/docview.wss?uid=ibm10884820
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/160764
🔗 http://www.ibm.com/support/docview.wss?uid=ibm10884820
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/160764

相關漏洞威脅

CVE-2019-43369.8

IBM Robotic Process Automation with Automation Anywhere 11 uses an inadequate account lockout setting that could allow a remote at...

CVE-2018-15478.0

IBM Robotic Process Automation with Automation Anywhere 10.0 could allow a remote attacker to execute arbitrary code on the system...

CVE-2020-49016.5

IBM Robotic Process Automation with Automation Anywhere 11.0 could allow an attacker on the network to obtain sensitive informatio...

CVE-2018-18766.2

IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the password in a Control Room log f...