Published: 15/02/2018 Updated: 03/10/2019

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 578

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

A privilege escalation vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.

Vulnerable Product	Search on Vulmon	Subscribe to Product
hp aruba clearpass policy manager

Aruba bugs squashed in seven-vuln splatfest

The Register • Richard Chirgwin • 29 May 2017

ClearPass Policy Manager needs upgrade

In case you missed it: there's a bunch of bad bugs in HPE's Aruba ClearPass Policy Manager. The Bugtraq post landed here Friday afternoon US time, a followup to HPE's announcement of a collection of seven CVEs (Common Vulnerabilities and Exposures). HPE hasn't detailed the nature of the vulnerabilities, but they include an unauthenticated remote code execution (RCE) bug (CVE-2017-5824), a privilege escalation bug (CVE-2017-5825), an RCE available to authenticated users (CVE-2017-5826), a reflect...

CVE-2017-5825

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect