LDAP Injection Vulnerability in IBM Robotic Process Automation by IBM
CVE-2019-4297
6.4MEDIUM
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 1 July 2019
Summary
IBM Robotic Process Automation with Automation Anywhere 11 is vulnerable to LDAP injection, enabling remote authenticated attackers to exploit the system by sending specially crafted requests. This vulnerability could facilitate unauthorized queries or modifications to LDAP content, posing significant risks to data integrity and system security.
Affected Version(s)
Robotic Process Automation with Automation Anywhere 11
References
CVSS V3.1
Score:
6.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved