SB2023110812 - Multiple vulnerabilities in HPE Aruba ClearPass Policy Manager

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2023110812

SB2023110812 - Multiple vulnerabilities in HPE Aruba ClearPass Policy Manager

Published: November 8, 2023

Security Bulletin ID SB2023110812
Severity
Medium
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 40% Low 60%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-43506)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to application does not properly impose security restrictions in the ClearPass OnGuard Linux agent. A local user can execute arbitrary code with elevated privileges.


2) OS Command Injection (CVE-ID: CVE-2023-43510)

The vulnerability allows a remote user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can pass specially crafted data to the application and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


3) Improper access control (CVE-ID: CVE-2023-43509)

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions in the web-based management interface. A remote attacker can send notifications to computers that are running ClearPass OnGuard.


4) Incorrect authorization (CVE-ID: CVE-2023-43508)

The vulnerability allows a remote attacker to bypass authorization checks.

The vulnerability exists due to authorization bypass in the web-based management interface. A remote user can complete state-changing actions that should not be allowed by their current level of authorization on the platform.


5) SQL injection (CVE-ID: CVE-2023-43507)

The vulnerability allows a remote user to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in the web-based management interface. A remote administrator can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.


Remediation

Install update from vendor's website.

References