CVE-2022-43534

Name of the Vulnerable Software and Affected Versions Aruba ClearPass Policy Manager versions 6.10.x: 6.10.7 and below Aruba ClearPass Policy Manager versions 6.9.x: 6.9.12 and below

Description A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the Linux instance.

Recommendations For versions 6.10.x: 6.10.7 and below, update to a version above 6.10.7 to resolve the issue. For versions 6.9.x: 6.9.12 and below, update to a version above 6.9.12 to resolve the issue. As a temporary workaround, consider restricting access to the ClearPass OnGuard Linux agent to minimize the risk of exploitation.