Lucene search
K

4 matches found

Saint
Saint
added 2020/08/13 12:0 a.m.248 views

Aruba ClearPass Policy Manager tipsSimulationUpload command execution

Added: 08/13/2020 CVE: CVE-2020-7115 Background Aruba ClearPass is a network access control solution. Problem A vulnerability in the tipsSimulationUpload.action resource allows remote attackers to execute arbitrary commands by uploading a shared object library in the uploadClientCertFile paramete...

10CVSS9.9AI score0.64596EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2020/07/17 12:0 a.m.58 views

Aruba Networks ClearPass Policy Manager 6.7.x < 6.7.13-HF / 6.8.x < 6.8.5-HF / 6.9.x < 6.9.1 Multiple Vulnerabilities (ARUBA-PSA-2020-005)

The remote host is Aruba Networks HP Clearpass Policy Manager version 6.7.x prior to 6.7.13-HF, or 6.8.x prior to 6.8.5-HF, or 6.9.x 6.9.1. It is, therefore, vulnerable to multiple security vulnerabilities as described in the vendor advisory ARUBA-PSA-2020-005. C Tenable Network Security, Inc...

10CVSS7.9AI score0.64596EPSS
Exploits8References4
Prion
Prion
added 2020/06/03 1:15 p.m.22 views

Command injection

The ClearPass Policy Manager WebUI administrative interface has an authenticated command remote execution. When the attacker is already authenticated to the administrative interface, they could then exploit the system, leading to remote command execution in the underlying operating system...

9CVSS7.1AI score0.03325EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2020/06/03 12:0 a.m.89 views

CVE-2020-7115

The ClearPass Policy Manager web interface is affected by a vulnerability that leads to authentication bypass. Upon successful bypass an attacker could then execute an exploit that would allow to remote command execution in the underlying operating system. Resolution: Fixed in 6.7.13-HF, 6.8.5-HF...

10CVSS0.9AI score0.64596EPSS
In wildExploits8References3
Rows per page
Query Builder