漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for an administrative function. If credential access is configured to be accessible by a machine or the runtime resource security group, using further reverse engineering, an attacker can spoof a known machine and request known encrypted credentials to decrypt later.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Blue Prism Enterprise 安全漏洞
Vulnerability Description
Blue Prism Enterprise是英国Blue Prism公司的一种智能机器人流程自动化 (RPA) 软件。 Blue Prism Enterprise 6.0 至 7.01 版本存在安全漏洞,该漏洞源于在暴露出Blue Prism应用服务器的错误配置环境中,认证用户有可能对Blue Prism软件进行逆向工程,规避管理功能的访问控制。如果凭证访问被配置为可由机器或运行时资源安全组访问,利用进一步的逆向工程,攻击者可以欺骗已知的机器并请求已知的加密凭证,以便解密。
CVSS Information
N/A
Vulnerability Type
N/A