2 matches found
Aruba ClearPass Policy Manager tipsSimulationUpload command execution
Added: 08/13/2020 CVE: CVE-2020-7115 Background Aruba ClearPass is a network access control solution. Problem A vulnerability in the tipsSimulationUpload.action resource allows remote attackers to execute arbitrary commands by uploading a shared object library in the uploadClientCertFile paramete...
Command injection
The ClearPass Policy Manager WebUI administrative interface has an authenticated command remote execution. When the attacker is already authenticated to the administrative interface, they could then exploit the system, leading to remote command execution in the underlying operating system...