Unrated severityNVD Advisory· Published Feb 4, 2025· Updated Mar 13, 2025
Authenticated Broken Access Control Vulnerability in ClearPass Policy Manager Web-Based Management Interface
CVE-2025-23058
Description
A vulnerability in the ClearPass Policy Manager web-based management interface allows a low-privileged (read-only) authenticated remote attacker to gain unauthorized access to data and the ability to execute functions that should be restricted to administrators only with read/write privileges. Successful exploitation could enable a low-privileged user to execute administrative functions leading to an escalation of privileges.
Affected products
2- Hewlett Packard Enterprise (HPE)/HPE Aruba Networking ClearPass Policy Managerv5Range: 6.12.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.