As a result, administrators are encouraged to upgrade their ClearPass Policy Manager systems as soon as possible. In addition, users should be aware of the following risk associated with this vulnerability: an attacker could exploit it by sending specific operations that result in a Denial-of-Service condition. For example, an attacker can send a request to "GET /cgi/status/info.xml" that carries an XML body the endpoint does not expect. The request can be issued as follows:

[root@localhost ~]# curl -X GET "https://example.com/cgi/status/info.xml" \
    -H "Accept: text/xml" -H "Content-Type: text/xml" -H "Connection: close" \
    -d '<status>0</status>' -d '<info>'

The above example results in a Denial-of-Service condition for the following reasons:

- The system receives an operation that it is not expecting (a GET request carrying a body).
- There is no buffer size configured.
- There is no max-buffer value configured.

In this example, the data the system has to buffer is too large for it to handle.
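To make the conditions above concrete, the following is an added example, not code from the advisory or from ClearPass Policy Manager: a small request guard in which a weak handler processes any operation and buffers the whole body with no max-buffer value, beside a hardened handler that rejects an operation the endpoint does not expect (here, a GET carrying a body) and caps how much of a body it will ever buffer, even when Content-Length understates the real size. The endpoint allow-list, the 64 KiB limit and the sample requests are constructed for illustration.

```python
# Added example, not code from the advisory or from ClearPass Policy Manager.
# Two conditions the advisory lists, an unexpected operation being processed and
# no max-buffer value limiting how much of a message is buffered, shown in a weak
# handler beside a hardened one. The endpoint allow-list, the limit and the
# sample requests below are constructed for illustration.
import io
from dataclasses import dataclass, field

# Hypothetical allow-list: the one endpoint the advisory names, serving GET only
# and taking no request body.
EXPECTED_OPERATIONS = {
    "/cgi/status/info.xml": {"methods": {"GET"}, "accepts_body": False},
}


@dataclass
class Request:
    method: str
    path: str
    headers: dict = field(default_factory=dict)
    body: io.BytesIO = field(default_factory=io.BytesIO)  # stream, as a server sees it

    @property
    def declared_length(self) -> int:
        try:
            return int(self.headers.get("Content-Length", "0"))
        except ValueError:
            return 0


def handle_weak(req: Request) -> dict:
    """Weak: any method on any path is processed, and the whole body is read
    into memory with no ceiling, so memory use is whatever the client sends."""
    body = req.body.read()
    return {"status": "accepted", "bytes_buffered": len(body)}


def bounded_read(req: Request, max_buffer: int) -> dict:
    """Read at most max_buffer bytes. Reject before allocating when the declared
    length is too large, then read in chunks and stop as soon as the ceiling is
    crossed, because Content-Length can understate the real body."""
    if req.declared_length > max_buffer:
        return {"status": "rejected",
                "reason": f"Content-Length {req.declared_length} exceeds max-buffer {max_buffer}"}
    buf = bytearray()
    while len(buf) <= max_buffer:
        chunk = req.body.read(min(4096, max_buffer + 1 - len(buf)))
        if not chunk:
            return {"status": "accepted", "bytes_buffered": len(buf)}
        buf.extend(chunk)
    return {"status": "rejected", "reason": f"body exceeds max-buffer {max_buffer}"}


def handle_hardened(req: Request, max_buffer: int = 64 * 1024) -> dict:
    """Hardened: enforce the expected operation first, then a bounded read."""
    spec = EXPECTED_OPERATIONS.get(req.path)
    if spec is None:
        return {"status": "rejected", "reason": f"unknown endpoint {req.path}"}
    if req.method not in spec["methods"]:
        return {"status": "rejected", "reason": f"{req.method} not expected on {req.path}"}
    has_body = req.declared_length > 0 or "Transfer-Encoding" in req.headers
    if has_body and not spec["accepts_body"]:
        return {"status": "rejected", "reason": "request body not expected on this operation"}
    return bounded_read(req, max_buffer)


def sample_requests() -> dict:
    """Constructed requests: the advisory's GET with an XML body, a GET whose
    real body is far larger than its declared Content-Length, and a plain GET."""
    xml = b"<status>0</status><info>"
    large = b"A" * (1024 * 1024)
    common = {"Host": "example.com", "Accept": "text/xml"}
    return {
        "xml_get": Request("GET", "/cgi/status/info.xml",
                           {**common, "Content-Type": "text/xml",
                            "Content-Length": str(len(xml))}, io.BytesIO(xml)),
        "lying_length": Request("GET", "/cgi/status/info.xml",
                                {**common, "Content-Length": "1024"}, io.BytesIO(large)),
        "plain_get": Request("GET", "/cgi/status/info.xml", dict(common)),
    }


if __name__ == "__main__":
    for name, req in sample_requests().items():
        print(name, "weak:", handle_weak(req))
    for name, req in sample_requests().items():
        print(name, "hardened:", handle_hardened(req))
```

The weak handler buffers the full 1 MiB body of the request whose Content-Length claims 1024 bytes, which is the shape of the failure the advisory describes; the hardened handler refuses the advisory's GET-with-body outright and stops reading the oversized body the moment it passes the configured limit, so the ceiling on memory is the limit, not the client's choice.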

ClearPass Policy Manager Software Description

ClearPass Policy Manager is Aruba's network access control (NAC) and policy platform: IT administrators use it to define, monitor and enforce access policies for the devices and users connecting to a managed network. This includes authenticating and authorizing endpoints such as workstations and servers as they join, creating custom policies for specific types of devices such as laptops or mobile devices, and applying them to local users and groups.

ClearPass Alerts and Remediation Guide

ClearPass has compiled a notification and remediation guide for administrators who are concerned that they may be exposed to this vulnerability.
If you have any questions, please reach out to your ClearPass sales representative or support team.

Timeline

Published on: 09/20/2022 20:15:00 UTC
Last modified on: 09/21/2022 20:07:00 UTC
