Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-25596

Опубликовано: 22 мар. 2023
Источник: nvd
CVSS3: 4.5
CVSS3: 4.9
EPSS Низкий

Описание

A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further access to network services supported by ClearPass Policy Manager.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*
Версия от 6.9.0 (включая) до 6.9.13 (включая)
cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*
Версия от 6.10.0 (включая) до 6.10.8 (включая)
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.11.0:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.11.1:*:*:*:*:*:*:*

EPSS

Процентиль: 26%
0.00087
Низкий

4.5 Medium

CVSS3

4.9 Medium

CVSS3

Дефекты

CWE-312
CWE-312

Связанные уязвимости

github логотип

GHSA-6p72-fpqv-2cff

CVSS3: 4.9
github
почти 3 года назад

A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further access to network services supported by ClearPass Policy Manager.

EPSS

Процентиль: 26%
0.00087
Низкий

4.5 Medium

CVSS3

4.9 Medium

CVSS3

Дефекты

CWE-312
CWE-312