VYPR
Vendor

Automation Anywhere

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2024-41226HigAug 6, 2024
    risk 0.51cvss 7.8epss 0.01

    A CSV injection vulnerability in Automation Anywhere Automation 360 version 21094 allows attackers to execute arbitrary code via a crafted payload. NOTE: Automation Anywhere disputes this report, arguing the attacker executes everything from the client side and does not attack…

  • CVE-2022-29856HigApr 29, 2022
    risk 0.49cvss 7.5epss 0.02

    A hardcoded cryptographic key in Automation360 22 allows an attacker to decrypt exported RPA packages.

  • CVE-2024-6922MedJul 26, 2024
    risk 0.47cvss epss 0.30

    Automation Anywhere Automation 360 v21-v32 is vulnerable to Server-Side Request Forgery in a web API component. An attacker with unauthenticated access to the Automation 360 Control Room HTTPS service (port 443) or HTTP service (port 80) can trigger arbitrary web requests from…