Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-7117

Опубликовано: 03 июн. 2020
Источник: nvd
CVSS3: 7.2
CVSS2: 9
EPSS Низкий

Описание

The ClearPass Policy Manager WebUI administrative interface has an authenticated command remote execution. When the attacker is already authenticated to the administrative interface, they could then exploit the system, leading to remote command execution in the underlying operating system. Resolution: Fixed in 6.7.13-HF, 6.8.5-HF, 6.8.6, 6.9.1 and higher.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*
Версия от 6.7.0 (включая) до 6.7.13 (включая)
cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*
Версия от 6.8.0 (включая) до 6.8.6 (исключая)
cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*
Версия от 6.9.0 (включая) до 6.9.1 (исключая)

EPSS

Процентиль: 80%
0.01442
Низкий

7.2 High

CVSS3

9 Critical

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

github логотип

GHSA-353r-5hhq-rhq2

CVSS3: 7.2
github
больше 3 лет назад

The ClearPass Policy Manager WebUI administrative interface has an authenticated command remote execution. When the attacker is already authenticated to the administrative interface, they could then exploit the system, leading to remote command execution in the underlying operating system. Resolution: Fixed in 6.7.13-HF, 6.8.5-HF, 6.8.6, 6.9.1 and higher.

EPSS

Процентиль: 80%
0.01442
Низкий

7.2 High

CVSS3

9 Critical

CVSS2

Дефекты

NVD-CWE-noinfo