Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for an authenticated user to reverse engineer the Blue Prism software and circumvent access controls for the SetProcessAttributes administrative function. Abusing this function will allow any Blue Prism user to publish, unpublish, or retire processes. Using this function, any logged-in user can change the status of a process, an action allowed only intended for users with the Edit Process permission.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Blue Prism Enterprise 安全漏洞
Vulnerability Description
Blue Prism Enterprise是英国Blue Prism公司的一种智能机器人流程自动化 (RPA) 软件。 Blue Prism Enterprise 6.0 至 7.01 版本存在安全漏洞,该漏洞源于在暴露出Blue Prism应用服务器的错误配置环境中,经过身份验证的用户可以对Blue Prism软件进行逆向工程,并绕过SetProcessAttributes管理功能的访问控制,滥用此功能将允许任何Blue Prism用户发布、取消发布或停用进程,使用此功能任何已登录的用户都可以更改进程的
CVSS Information
N/A
Vulnerability Type
N/A