In certain cases, an attacker could exploit these vulnerabilities to cause a denial-of-service condition against the ClearPass Policy Manager cluster in Aruba. An attacker could also exploit these vulnerabilities to obtain and modify sensitive information in the underlying database potentially leading to complete compromise of the ClearPass Policy Manager cluster in Aruba. ClearPass Policy Manager version(s): 9.2.x: 9.2.10 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address these security vulnerabilities. In certain cases, an attacker could exploit these vulnerabilities to cause a denial-of-service condition against the Aruba ClearPass Policy Manager instance. An attacker could also exploit these vulnerabilities to obtain and modify sensitive information in the underlying database potentially leading to complete compromise of the Aruba ClearPass Policy Manager instance. ClearPass Policy Manager version(s): 9.3.x: 9.3.7 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address these security vulnerabilities. In certain cases, an attacker could exploit these vulnerabilities to cause a denial-of-service condition against the Aruba ClearPass Policy Manager instance. An attacker could also exploit these vulnerabilities to obtain and modify sensitive information in the underlying database potentially leading to complete compromise of the Aruba ClearPass Policy Manager instance.
Vulnerability Scenario:
An attacker exploits these vulnerabilities to cause a denial-of-service condition against the ClearPass Policy Manager cluster in Aruba. An attacker could also exploit these vulnerabilities to obtain and modify sensitive information in the underlying database potentially leading to complete compromise of the ClearPass Policy Manager cluster in Aruba.
ClearPass Policy Manager version(s): 9.2.x: 9.2.10 and below, 9.3.x: 9.3.7 and below
ClearPass Policy Manager Vulnerability Overview
ClearPass Policy Manager is a web-based management solution for Aruba ClearPass switches and sensors. It provides centralized management of policies, provisioning, and monitoring. ClearPass Policy Manager versions: 9.2.x: 9.2.10 and below; 9.3.x: 9.3.7 and below
Timeline
Published on: 09/20/2022 21:15:00 UTC
Last modified on: 09/21/2022 19:44:00 UTC