Username Enumeration Vulnerability in IBM Robotic Process Automation
CVE-2020-4901
5.4MEDIUM
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 7 May 2021
Summary
IBM Robotic Process Automation with Automation Anywhere 11.0 is susceptible to a vulnerability that enables attackers within the network to perform username enumeration attacks. This could allow unauthorized users to gather sensitive information or potentially disrupt services by causing a denial of service. To mitigate risks, it’s crucial for organizations to implement security measures that detect and prevent such enumeration attempts. For more detailed information, please refer to IBM's official documentation and vulnerability tracking resources.
Affected Version(s)
Robotic Process Automation with Automation Anywhere 11.0
References
CVSS V3.1
Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved