exploitDog

GHSA-v28f-46mh-g2w2

Опубликовано: 04 фев. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 4.7

Описание

A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager (CPPM) allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a lower privileged user on the underlying operating system.

A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager (CPPM) allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a lower privileged user on the underlying operating system.

Ссылки

EPSS

Процентиль: 43%

0.00208

Низкий

4.7 Medium

CVSS3

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2025-25039

CVSS3: 4.7

nvd

около 1 года назад

A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager (CPPM) allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a lower privileged user on the underlying operating system.

BDU:2025-02352

CVSS3: 4.7

fstec

около 1 года назад

Уязвимость веб-интерфейса платформы управления доступом Aruba Networks ClearPass Policy Manager, позволяющая нарушителю выполнить произвольные команды

EPSS

Процентиль: 43%

0.00208

Низкий

4.7 Medium

CVSS3

CVE ID

Дефекты

CWE-78