Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for the setValidationInfo administrative function. Removing the validation applied to newly designed processes increases the chance of successfully hiding malicious code that could be executed in a production environment.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Blue Prism Enterprise 安全漏洞
Vulnerability Description
Blue Prism Enterprise是英国Blue Prism公司的一种智能机器人流程自动化 (RPA) 软件。 Blue Prism Enterprise 6.0 至 7.01 版本存在安全漏洞,该漏洞源于在暴露出Blue Prism应用服务器的错误配置环境中,认证用户有可能对Blue Prism软件进行反向工程,并规避setValidationInfo管理功能的访问控制,移除应用于新设计的进程的验证,增加了成功隐藏恶意代码的机会,这些恶意代码可以在生产环境中执行。
CVSS Information
N/A
Vulnerability Type
N/A