IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote authenticated attacker to conduct an LDAP injection. By…
ibm·CWE-90·Published 2019-07-01
IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability to make unauthorized queries or modify the LDAP content. IBM X-Force ID: 160761.
IBM Robotic Process Automation with Automation Anywhere 11 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability to make unauthorized queries or modify the LDAP content. IBM X-Force ID: 160761.
IBM Robotic Process Automation with Automation Anywhere versión 11 podría permitir que un atacante remoto autenticado realizar un ataque de inyección LDAP. Mediante el uso de una petición especialmente manipulada, un atacante podría aprovechar esta vulnerabilidad para realizar consultas no autorizadas o modificar el contenido LDAP. ID de IBM X-Force: 160761.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 5.5 | 8.0 | 4.9 | AV:N/AC:L/Au:S/C:P/I:P/A:N |
| 3.0 | Primary | cve.org | 6.4 | — | — | CVSS:3.0/C:L/PR:L/AV:N/AC:L/I:L/UI:N/A:N/S:C/E:U/RL:O/RC:C |
| 3.0 | Primary | cve.org | 6.4 | — | — | CVSS:3.0/C:L/PR:L/AV:N/AC:L/I:L/UI:N/A:N/S:C/E:U/RL:O/RC:C |
| 3.0 | Secondary | NVD | 6.4 | 3.1 | 2.7 | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N |
| 3.1 | Primary | NVD | 5.4 | 2.8 | 2.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |