Описание
A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges to those of a higher role. A successful exploit allows malicious users to execute arbitrary code with root level privileges on the Linux instance.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 6.9.13 (исключая)Версия от 6.10.0 (включая) до 6.10.8 (исключая)Версия от 6.11.0 (включая) до 6.11.4 (включая)
Одновременно
Одно из
cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:-:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:cumulative_hotfix_patch_2:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:cumulative_hotfix_patch_3:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:-:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:cumulative_hotfix_patch_2:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:cumulative_hotfix_patch_5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00115
Низкий
7.8 High
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-269
Связанные уязвимости
CVSS3: 7.8
github
больше 2 лет назад
A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges to those of a higher role. A successful exploit allows malicious users to execute arbitrary code with root level privileges on the Linux instance.
EPSS
Процентиль: 31%
0.00115
Низкий
7.8 High
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-269