CVE-2021-26677

Name of the Vulnerable Software and Affected Versions Aruba ClearPass Policy Manager versions prior to 6.9.5 Aruba ClearPass Policy Manager version 6.8.8-HF1 Aruba ClearPass Policy Manager version 6.7.14-HF1

Description A local authenticated escalation of privilege issue was discovered in Aruba ClearPass Policy Manager. This issue affects the ClearPass OnGuard component, allowing local authenticated users on a Windows platform to elevate their privileges. A successful exploit could allow an attacker to execute arbitrary code with SYSTEM level privileges.

Recommendations For versions prior to 6.9.5, update to version 6.9.5 or later. For version 6.8.8-HF1, update to a version that includes the necessary security fixes. For version 6.7.14-HF1, update to a version that includes the necessary security fixes.