Inadequate Account Lockout Setting in IBM Robotic Process Automation with Automation Anywhere 11 Allows Remote Brute Force Attack

Inadequate Account Lockout Setting in IBM Robotic Process Automation with Automation Anywhere 11 Allows Remote Brute Force Attack

CVE-2019-4336 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

IBM Robotic Process Automation with Automation Anywhere 11 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 161411.

Learn more about our Cis Benchmark Audit For Robot Operating System.