ClearPass Policy Manager needs upgrade
In case you missed it: there's a bunch of bad bugs in HPE's Aruba ClearPass Policy Manager. The Bugtraq post landed here Friday afternoon US time, a followup to HPE's announcement of a collection of seven CVEs (Common Vulnerabilities and Exposures). HPE hasn't detailed the nature of the vulnerabilities, but they include an unauthenticated remote code execution (RCE) bug (CVE-2017-5824), a privilege escalation bug (CVE-2017-5825), an RCE available to authenticated users (CVE-2017-5826), a reflect...