Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment that exposes the Blue Prism Application server, it is possible for a domain authenticated user to send a crafted message to the Blue Prism Server and accomplish a remote code execution attack that is possible because of insecure deserialization. Exploitation of this vulnerability allows for code to be executed in the context of the Blue Prism Server service.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Blue Prism Enterprise 代码问题漏洞
Vulnerability Description
Blue Prism Enterprise是英国Blue Prism公司的一种智能机器人流程自动化 (RPA) 软件。 Blue Prism Enterprise 6.0 至 7.01 版本存在安全漏洞,该漏洞源于在暴露出Blue Prism应用服务器的错误配置环境中,经过域身份验证的用户有可能向Blue Prism服务器发送精心制作的消息并完成远程代码执行攻击,这可能是由于反序列化不安全而导致的,利用这个漏洞可以在Blue Prism Server服务的上下文中执行代码。
CVSS Information
N/A
Vulnerability Type
N/A