LDAP Injection Vulnerability in IBM Robotic Process Automation by IBM
CVE-2019-4297

6.4MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
1 July 2019

Summary

IBM Robotic Process Automation with Automation Anywhere 11 is vulnerable to LDAP injection, enabling remote authenticated attackers to exploit the system by sending specially crafted requests. This vulnerability could facilitate unauthorized queries or modifications to LDAP content, posing significant risks to data integrity and system security.

Affected Version(s)

Robotic Process Automation with Automation Anywhere 11

References

CVSS V3.1

Score:
6.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.