Pear1Y

**Name of the Vulnerable Software and Affected Versions** HPE Aruba Networking ClearPass Policy Manager (affected versions not specified) **Description** A vulnerability in the web-based management interface could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack. Successful exploitation could enable a threat actor to perform any actions the user is authorized to do, including accessing the user's data and altering information within the user's permissions. This could lead to data modification, deletion, or theft, including unauthorized access to files, file deletion, or the theft of session cookies, which an attacker could use to hijack a user's session. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco ISE (affected versions not specified) **Description** A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and delete arbitrary files on an affected device. The attacker would need valid Super Admin credentials to exploit this vulnerability. This issue is due to insufficient validation of user-supplied parameters in API requests. An attacker could exploit this vulnerability by sending a crafted API request to an affected device, potentially allowing them to read or delete arbitrary files on the underlying operating system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco ISE (affected versions not specified) **Description** A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This issue exists because the interface does not properly validate user-supplied input. An attacker could exploit this by persuading a user to click a crafted link, potentially allowing the execution of arbitrary script code in the context of the affected interface or access to sensitive browser-based information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco ISE (affected versions not specified) **Description** A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and delete arbitrary files on an affected device. This issue is due to insufficient validation of user-supplied parameters in API requests. An attacker could exploit this by sending a crafted API request to an affected device, allowing them to read or delete arbitrary files on the underlying operating system. The attacker would need valid Super Admin credentials to exploit this vulnerability. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco ISE (affected versions not specified) **Description** A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to upload files to arbitrary locations on the underlying operating system of an affected device. This is due to insufficient validation of user-supplied parameters in API requests. An attacker could exploit this vulnerability by sending a crafted API request to an affected device, potentially allowing them to upload custom files to arbitrary locations, execute arbitrary code, and elevate privileges to root. The attacker would need valid Super Admin credentials to exploit this vulnerability. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco ISE versions prior to 3.3.0 **Description** A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and delete arbitrary files on an affected device. This is due to insufficient validation of user-supplied parameters in API requests. An attacker could exploit this by sending a crafted API request to an affected device, allowing them to read or delete arbitrary files on the underlying operating system. The attacker would need valid Super Admin credentials to exploit this vulnerability. **Recommendations** For versions prior to 3.3.0, upgrade the affected components immediately to resolve the issue. As a temporary workaround, consider restricting access to the API or limiting the privileges of Super Admin accounts until the upgrade can be applied.

**Name of the Vulnerable Software and Affected Versions** Cisco ISE (affected versions not specified) **Description** A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This issue exists because the interface does not properly validate user-supplied input. An attacker could exploit this by persuading a user to click a crafted link, potentially allowing the execution of arbitrary script code in the context of the affected interface or access to sensitive browser-based information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco ISE (affected versions not specified) **Description** A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device and conduct a server-side request forgery (SSRF) attack through an affected device. To exploit this vulnerability, the attacker would need valid Super Admin credentials. This vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing XML input. An attacker could exploit this vulnerability by sending a crafted API request to an affected device. A successful exploit could allow the attacker to read arbitrary files on the underlying operating system or conduct an SSRF attack through the affected device. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Identity Services Engine (ISE) (affected versions not specified) **Description** A vulnerability in the web-based management interface could allow an authenticated, remote attacker to upload arbitrary files to an affected device. The attacker would need at least valid Policy Admin credentials on the affected device. This issue is due to improper validation of uploaded files. An attacker could exploit this by uploading arbitrary files, potentially storing malicious files, executing arbitrary commands, and elevating privileges to root. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Avaya IP Office versions prior to 11.1.3.1 **Description** An improper input validation issue was discovered in Avaya IP Office, allowing remote command or code execution via a specially crafted web request to the Web Control component. **Recommendations** For versions prior to 11.1.3.1, update to version 11.1.3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the Web Control component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Avaya IP Office versions prior to 11.1.3.1 **Description** An unrestricted file upload issue in Avaya IP Office was discovered, which could allow remote command or code execution via the One-X component. **Recommendations** For versions prior to 11.1.3.1, update to version 11.1.3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the One-X component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PAN-OS (affected versions not specified) **Description** The issue is related to improper input validation in the PAN-OS software, which allows an attacker to manipulate the physical file system and elevate privileges. This can be exploited by an attacker to gain higher privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Identity Services Engine (ISE) (affected versions not specified) **Description** The issue is related to improper input validation for specific HTTP requests in the web-based management interface, allowing an authenticated, remote attacker to conduct a server-side request forgery (SSRF) attack. An attacker could exploit this by sending a crafted HTTP request to an affected device, potentially allowing them to send arbitrary network requests sourced from the affected device. The attacker would need valid Super Admin credentials to successfully exploit this vulnerability. **Recommendations** To resolve the issue, update the Cisco Identity Services Engine (ISE) to a version that includes the fix for the improper input validation vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Identity Services Engine (affected versions not specified) **Description** The issue is related to insufficient file input validation in the web-based management interface, allowing an authenticated, remote attacker to upload malicious files to the web root of the application. This could enable the attacker to replace files and gain access to sensitive server-side information. The vulnerability can be exploited by uploading a malicious file to the web interface. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Identity Services Engine (ISE) (affected versions not specified) **Description** A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access sensitive information, conduct a server-side request forgery (SSRF) attack through an affected device, or negatively impact the responsiveness of the web-based management interface itself. This vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could exploit this vulnerability by uploading a crafted XML file that contains references to external entities. A successful exploit could allow the attacker to retrieve files from the local system, resulting in the disclosure of confidential information. A successful exploit could also cause the web application to perform arbitrary HTTP requests on behalf of the attacker or consume memory resources to reduce the availability of the web-based management interface. To successfully exploit this vulnerability, an attacker would need valid Super Admin or Policy Admin credentials. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.