Описание
An authenticated RCE vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.
Уязвимые конфигурации
Конфигурация 1Версия от 6.11.0 (включая) до 6.11.10 (исключая)Версия от 6.12.0 (включая) до 6.12.3 (исключая)
Одно из
cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 60%
0.00404
Низкий
6.4 Medium
CVSS3
8 High
CVSS3
Дефекты
CWE-77
Связанные уязвимости
CVSS3: 6.4
github
около 1 года назад
An authenticated RCE vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.
EPSS
Процентиль: 60%
0.00404
Низкий
6.4 Medium
CVSS3
8 High
CVSS3
Дефекты
CWE-77