end users are advised to upgrade their Aruba ClearPass Policy Manager software to the latest version to address these issues.

Vulnerability details

CVE-2019-1932
The ClearPass Policy Manager web-based interface does not restrict the installation of custom scripts, allowing attackers to execute arbitrary code on the underlying host.

CVE-2019-1933
The ClearPass Policy Manager web-based interface does not restrict the installation of custom scripts, allowing attackers to execute arbitrary code on the underlying host.

CVE-2019-1934
The ClearPass Policy Manager web-based interface does not restrict the installation of custom scripts, allowing attackers to execute arbitrary code on the underlying host.

CVE-2019-1935
The ClearPass Policy Manager web-based interface does not restrict the installation of custom scripts, allowing attackers to execute arbitrary code on the underlying host.

ClearPass Policy Manager and Aruba ClearPass Software Overview

ClearPass Policy Manager and Aruba ClearPass software are two separate products. There are some similarities, but there are also differences.

ClearPass Policy Manager software versions

ClearPass Policy Manager versions prior to version 4.7.1 are vulnerable to remote code execution.
ClearPass Policy Manager versions prior to version 4.7.2 are also vulnerable to remote code execution.
Vulnerable ClearPass Policy Manager versions can be identified by the presence of an "I'm not a robot" meta tag in the web-based interface.
ClearPass Policy Manager software versions prior to version 4.8 are also vulnerable to remote code execution.

ClearPass Policy Manager and Services

ClearPass Policy Manager and Services is a service that helps organizations manage and implement their network security policy across the enterprise. This includes customers who have ClearPass Policy Manager and clients that have ClearPass in place.
The vulnerability in question affects the web-based interface on ClearPass Policy Manager, which does not restrict the installation of custom scripts, allowing attackers to execute arbitrary code on the underlying host. For more information about this vulnerability, see CVE-2019-1932, CVE-2019-1933, and CVE-2019-1934.

Timeline

Published on: 09/20/2022 20:15:00 UTC
Last modified on: 09/21/2022 20:15:00 UTC

References