PT-2017-6690 · Aruba Networks · Clearpass Policy Manager

Publicado

2017-08-29

Atualizado

2017-09-06

CVE-2015-3653

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Aruba Networks ClearPass Policy Manager versions prior to 6.4.7 Aruba Networks ClearPass Policy Manager versions 6.5.x prior to 6.5.2

Description The issue allows remote authenticated administrators to write to arbitrary files within the underlying operating system. This can cause a denial of service or potentially allow privilege escalation by leveraging incorrect permission checking.

Recommendations For versions prior to 6.4.7, update to version 6.4.7 or later. For versions 6.5.x prior to 6.5.2, update to version 6.5.2 or later.

Correção

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284

Identificadores relacionados

CVE-2015-3653

Produtos afetados

Clearpass Policy Manager

PT-2017-6690 · Aruba Networks · Clearpass Policy Manager

CVE-2015-3653

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3