VYPR
Unrated severityNVD Advisory· Published Feb 4, 2025· Updated Mar 13, 2025

Authenticated Broken Access Control Vulnerability in ClearPass Policy Manager Web-Based Management Interface

CVE-2025-23058

Description

A vulnerability in the ClearPass Policy Manager web-based management interface allows a low-privileged (read-only) authenticated remote attacker to gain unauthorized access to data and the ability to execute functions that should be restricted to administrators only with read/write privileges. Successful exploitation could enable a low-privileged user to execute administrative functions leading to an escalation of privileges.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.