Lucene search
IBM15BF22A8C9EF3CDB91D04E803DD2E7ABDC2AB7EB1D062422F3A3885B64FACA27HistoryMay 06, 2021 - 3:20 p.m.
Security Bulletin: Information disclosure vulnerability may affect IBM Robotic Process Automation Anywher - CVE-2020-4901
2021-05-0615:20:47
www.ibm.com
8
ibm robotic process automation
information disclosure
vulnerability
cve-2020-4901
attack
network
sensitive information
denial of service
username enumeration
cvss base score
fix pack 11.0.0.10
EPSS
0.001
Percentile
34.3%
Summary
IBM Robotic Process Automation Anywhere is vulnerable to an information disclosure attack
Vulnerability Details
CVEID:CVE-2020-4901
**DESCRIPTION:**IBM Robotic Process Automation with Automation Anywhere could allow an attacker on the network to obtain sensitive information or cause a denial of service through username enumeration.
CVSS Base score: 5.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/190992 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Robotic Process Automation with Automation Anywhere | 11.0 |
Remediation/Fixes
For IBM Robotic Process Automation with Automation Anywhere, version 11.0, apply Fix Pack 11.0.0.10 or later.
Workarounds and Mitigations
None
Related
cve
cve
CVE-2020-4901
2021-05-07 16:15:07
cvelist
cvelist
CVE-2020-4901
2021-05-07 15:45:13
nvd
nvd
CVE-2020-4901
2021-05-07 16:15:07
prion
prion
Design/Logic Flaw
2021-05-07 16:15:00
EPSS
0.001
Percentile
34.3%
Related for 15BF22A8C9EF3CDB91D04E803DD2E7ABDC2AB7EB1D062422F3A3885B64FACA27