Unrated severityNVD Advisory· Published Oct 24, 2023· Updated Sep 11, 2024
Authenticated Remote Command Injection in ClearPass Policy Manager Web-Based Management Interface Leading to Partial System Compromise
CVE-2023-43510
Description
A vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a non-privileged user on the underlying operating system leading to partial system compromise.
Affected products
2- Hewlett Packard Enterprise (HPE)/Aruba ClearPass Policy Managerv5Range: ClearPass Policy Manager 6.11.x: 6.11.4 and below
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.