The vulnerability of the Cisco Business Process Automation software lies in improper configuration of authentication for management commands and access settings to action logs, allowing attackers to escalate their privileges.

The vulnerability of the Cisco Business Process Automation software relates to incorrect authentication settings for control commands and incorrect access settings to action logs. Exploiting this vulnerability could allow a malicious actor to enhance their privileges by sending specially crafted...

CVE-2021-1576

Multiple vulnerabilities in the web-based management interface of Cisco Business Process Automation BPA could allow an authenticated, remote attacker to elevate privileges to Administrator. These vulnerabilities are due to improper authorization enforcement for specific features and for access to...