PT-2019-9933 · Uipath · Uipath Orchestrator
Published
2019-08-08
·
Updated
2020-08-24
·
CVE-2018-19855
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
UiPath Orchestrator versions prior to 2018.3.4
Description
The issue allows CSV Injection, related to the Audit export, Robot log export, and Transaction log export features.
Recommendations
For versions prior to 2018.3.4, update to version 2018.3.4 or later to resolve the issue.
Exploit
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Uipath Orchestrator