PT-2022-24117 · Aruba · Aruba Clearpass Policy Manager

Published

2022-09-20

Updated

2022-09-21

CVE-2022-37877

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Aruba ClearPass Policy Manager versions 6.10.6 and below Aruba ClearPass Policy Manager versions 6.9.11 and below

Description A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the macOS instance.

Recommendations For Aruba ClearPass Policy Manager version 6.10.6 and below, upgrade to a version above 6.10.6 to address this security vulnerability. For Aruba ClearPass Policy Manager version 6.9.11 and below, upgrade to a version above 6.9.11 to address this security vulnerability.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2022-37877

Affected Products

Aruba Clearpass Policy Manager

PT-2022-24117 · Aruba · Aruba Clearpass Policy Manager

CVE-2022-37877

Related Identifiers

Affected Products

References · 3