VYPR

Workload Automation

by HCL Software

CVEs (6)

  • CVE-2023-28009Apr 26, 2023
    risk 0.00cvss epss 0.01

    HCL Workload Automation is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.

  • CVE-2023-28008Apr 26, 2023
    risk 0.00cvss epss 0.01

    HCL Workload Automation 9.4, 9.5, and 10.1 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.

  • CVE-2022-38661Nov 4, 2022
    risk 0.00cvss epss 0.00

    HCL Workload Automation could allow a local user to overwrite key system files which would cause the system to crash.

  • CVE-2020-4674Jan 12, 2021
    risk 0.00cvss epss 0.01

    IBM Workload Automation 9.5 stores the server path in URLs that could aid in further attacks against the system. IBM X-Force ID: 186287.

  • CVE-2020-4673Jan 12, 2021
    risk 0.00cvss epss 0.01

    IBM Workload Automation 9.5 stores sensitive information in HTML comments that could aid in further attacks against the system. IBM X-Force ID: 186286.

  • CVE-2019-6504Feb 6, 2019
    risk 0.00cvss epss 0.02

    Insufficient output sanitization in the Automic Web Interface (AWI), in CA Automic Workload Automation 12.0 to 12.2, allow attackers to potentially conduct persistent cross site scripting (XSS) attacks via a crafted object.