Lucene search
K
SsctechBlue Prism

5 matches found

CVE
CVE
added 2022/08/25 11:0 p.m.75 views

CVE-2022-36119

CVE-2022-36119 affects Blue Prism Enterprise 6.0–7.01. The vulnerability arises from insecure deserialization in a misconfigured environment that exposes the Blue Prism Application server, allowing a domain-authenticated user to send a crafted message to the Blue Prism Server and achieve remote c...

8.8CVSS8.7AI score0.01506EPSS
CVE
CVE
added 2022/08/25 10:58 p.m.66 views

CVE-2022-36118

CVE-2022-36118 affects Blue Prism Enterprise 6.0–7.01. In a misconfigured environment exposing the Blue Prism Application server, an authenticated user can reverse‑engineer the software and bypass access controls on the SetProcessAttributes administrative function, enabling any logged‑in user to ...

5.3CVSS5.2AI score0.00639EPSS
CVE
CVE
added 2022/08/25 10:57 p.m.64 views

CVE-2022-36117

The CVE-2022-36117 issue affects Blue Prism Enterprise 6.0–7.01. In a misconfigured environment that exposes the Blue Prism Application server, an authenticated user can reverse engineer the software to bypass access controls for an administrative function. Further reverse engineering may allow a...

3.1CVSS4.1AI score0.00562EPSS
CVE
CVE
added 2022/08/25 10:56 p.m.60 views

CVE-2022-36116

CVE-2022-36116 affects Blue Prism Enterprise 6.0–7.01. In a misconfigured environment exposing the Blue Prism Application server, an authenticated user can reverse engineer the software and bypass access controls for the setValidationInfo administrative function, increasing the chance of hiding m...

5.3CVSS5.3AI score0.00705EPSS
CVE
CVE
added 2022/08/25 10:54 p.m.58 views

CVE-2022-36115

CVE-2022-36115 affects Blue Prism Enterprise 6.0–7.01. In misconfigured deployments exposing the Blue Prism Application server, an authenticated user can reverse engineer the software and bypass access controls to inject custom functionality via CreateProcessAutosave(), potentially inserting mali...

7.1CVSS6.8AI score0.00774EPSS