Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Issue in MSFT Jan. 11 patches breaking BP SSO authentication

Go to answer
mohammed.ali
Staff
Staff

‎12-01-22 07:17 PM

We are aware that after applying the latest Microsoft Windows security update/patch for 'CVE-2022-21907,' which was released on January 11th, 2022, customers using Blue Prism with Windows Authentication have reported that Blue Prism Interactive Clients/Runtimes are triggering an additional prompt for credentials; however, when these credentials are entered, it is resulting in the below error:

  • Windows Authentication connection modes: 'SOAP security negotiation with 'http://XXXXXXXX:8199/bpserver' for target 'http://XXXXXXXXX:8199/bpserver' failed. See inner exception for more details. ---> System.ComponentModel.Win32Exception: Either the client credential was invalid or there was an error collecting the client credentials by the SSP'

While the issue looks to be impacting customers using the 'Windows Authentication' connections to the Application Server on BP v6.3.0 through v6.10.4 and BP v7.0.1, further investigation is still underway to test all versions of Blue Prism.  Therefore, this information could change. We are actively investigating this with our Product/Development teams with an urgent priority.  

Please refer to this KB Article for more information.  For any follow-up questions, please open a Support ticket.

------------------------------
Mohammed Ali
Head of Customer Support (Americas)
Blue Prism
------------------------------
1 BEST ANSWER

Best Answers

Go to answer
paul.anderson
Staff
Staff

‎20-01-22 09:32 AM

An update regarding the latest Microsoft Windows security update/patch for 'CVE-2022-21907' (11-Jan 2022).

Blue Prism has released a solution/fix for this issue and is detailed in the following KB article on our Support Portal: 


We highly encourage that you speak to your IT team for assistance in applying this fix/solution, and that you first test this solution in a non-production environment. 

The latest article update provides details about the issue, investigation and solution.  Please also check the additional information in the article after solution section, including guidance for customers with complex environments. 

------------------------------
Paul Anderson
Blue Prism
------------------------------

View answer in original post

0 Likes
1 REPLY 1

Go to answer
paul.anderson
Staff
Staff

‎20-01-22 09:32 AM

An update regarding the latest Microsoft Windows security update/patch for 'CVE-2022-21907' (11-Jan 2022).

Blue Prism has released a solution/fix for this issue and is detailed in the following KB article on our Support Portal: 


We highly encourage that you speak to your IT team for assistance in applying this fix/solution, and that you first test this solution in a non-production environment. 

The latest article update provides details about the issue, investigation and solution.  Please also check the additional information in the article after solution section, including guidance for customers with complex environments. 

------------------------------
Paul Anderson
Blue Prism
------------------------------
0 Likes