PT-2019-17038 · Automation Anywhere+1 · Automation Anywhere+1

Publicado

2019-07-01

Atualizado

2022-12-06

CVE-2019-4336

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions IBM Robotic Process Automation with Automation Anywhere version 11

Description The issue is related to an inadequate account lockout setting, which could allow a remote attacker to brute force account credentials.

Recommendations For IBM Robotic Process Automation with Automation Anywhere version 11, consider implementing a more robust account lockout policy to prevent brute force attacks.

Correção

Improper Restriction of Excessive Authentication Attempts

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-307

Identificadores relacionados

CVE-2019-4336

Produtos afetados

Automation Anywhere

Ibm Robotic Process Automation

PT-2019-17038 · Automation Anywhere+1 · Automation Anywhere+1

CVE-2019-4336

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5