PT-2019-17038 · Automation Anywhere+1 · Automation Anywhere+1

Published

2019-07-01

Updated

2022-12-06

CVE-2019-4336

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions IBM Robotic Process Automation with Automation Anywhere version 11

Description The issue is related to an inadequate account lockout setting, which could allow a remote attacker to brute force account credentials.

Recommendations For IBM Robotic Process Automation with Automation Anywhere version 11, consider implementing a more robust account lockout policy to prevent brute force attacks.

Fix

Improper Restriction of Excessive Authentication Attempts

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-307

Related Identifiers

CVE-2019-4336

Affected Products

Automation Anywhere

Ibm Robotic Process Automation

PT-2019-17038 · Automation Anywhere+1 · Automation Anywhere+1

CVE-2019-4336

Weakness Enumeration

Related Identifiers

Affected Products

References · 5