PT-2019-17022 · Postgresql+1 · Postgresql+1

Publicado

2019-07-01

Atualizado

2023-01-31

CVE-2019-4298

CVSS v3.1

7.7

Alta

Vetor

S:U/A:N/PR:N/C:H/AC:L/AV:L/I:H/UI:N

Name of the Vulnerable Software and Affected Versions IBM Robotic Process Automation with Automation Anywhere version 11

Description The issue concerns the use of a high-privileged PostgreSQL account for database access in IBM Robotic Process Automation with Automation Anywhere. This could allow a local user to perform actions they should not have privileges to execute.

Recommendations For IBM Robotic Process Automation with Automation Anywhere version 11, consider restricting access to the PostgreSQL account to minimize the risk of exploitation. As a temporary workaround, review and adjust the database access privileges to ensure they align with the principle of least privilege.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2019-4298

Produtos afetados

Ibm Robotic Process Automation With Automation Anywhere

Postgresql

PT-2019-17022 · Postgresql+1 · Postgresql+1

CVE-2019-4298

Identificadores relacionados

Produtos afetados

Referências · 5