5 matches found
CVE-2022-36119
CVE-2022-36119 affects Blue Prism Enterprise 6.0–7.01. The vulnerability arises from insecure deserialization in a misconfigured environment that exposes the Blue Prism Application server, allowing a domain-authenticated user to send a crafted message to the Blue Prism Server and achieve remote c...
CVE-2022-36118
CVE-2022-36118 affects Blue Prism Enterprise 6.0–7.01. In a misconfigured environment exposing the Blue Prism Application server, an authenticated user can reverse‑engineer the software and bypass access controls on the SetProcessAttributes administrative function, enabling any logged‑in user to ...
CVE-2022-36117
The CVE-2022-36117 issue affects Blue Prism Enterprise 6.0–7.01. In a misconfigured environment that exposes the Blue Prism Application server, an authenticated user can reverse engineer the software to bypass access controls for an administrative function. Further reverse engineering may allow a...
CVE-2022-36116
CVE-2022-36116 affects Blue Prism Enterprise 6.0–7.01. In a misconfigured environment exposing the Blue Prism Application server, an authenticated user can reverse engineer the software and bypass access controls for the setValidationInfo administrative function, increasing the chance of hiding m...
CVE-2022-36115
CVE-2022-36115 affects Blue Prism Enterprise 6.0–7.01. In misconfigured deployments exposing the Blue Prism Application server, an authenticated user can reverse engineer the software and bypass access controls to inject custom functionality via CreateProcessAutosave(), potentially inserting mali...