Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-26301

Опубликовано: 27 фев. 2024
Источник: nvd
CVSS3: 6.5
CVSS3: 6.5
EPSS Низкий

Описание

A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with low privileges to access sensitive information. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further access to network services supported by ClearPass Policy Manager.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*
Версия от 6.9.0 (включая) до 6.9.13 (исключая)
cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*
Версия от 6.10.0 (включая) до 6.10.8 (исключая)
cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*
Версия от 6.11.0 (включая) до 6.11.6 (включая)
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:-:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:cumulative_hotfix_patch_2:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:cumulative_hotfix_patch_3:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:cumulative_hotfix_patch_4:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:-:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:cumulative_hotfix_patch_2:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:cumulative_hotfix_patch_5:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:cumulative_hotfix_patch_6:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.12.0:*:*:*:*:*:*:*

EPSS

Процентиль: 37%
0.00155
Низкий

6.5 Medium

CVSS3

6.5 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

github логотип

GHSA-gh72-4xjj-7p87

CVSS3: 6.5
github
почти 2 года назад

A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with low privileges to access sensitive information. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further access to network services supported by ClearPass Policy Manager.

EPSS

Процентиль: 37%
0.00155
Низкий

6.5 Medium

CVSS3

6.5 Medium

CVSS3

Дефекты

NVD-CWE-noinfo