Multiple vulnerabilities in Aruba Networking ClearPass Policy Manager
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2025-23058 CVE-2024-7348 CVE-2025-23059 CVE-2025-23060 CVE-2025-25039 |
| CWE-ID | CWE-284 CWE-367 CWE-200 CWE-78 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
ClearPass Policy Manager Other software / Other software solutions |
| Vendor | Aruba Networks |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Improper access control
EUVDB-ID: #VU103662
Risk: Medium
CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-23058
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in the web-based management interface. A remote user can bypass implemented security restrictions and gain unauthorized access to the application.
MitigationInstall update from vendor's website.
Vulnerable software versionsClearPass Policy Manager: 6.11.0 - 6.12.3
CPE2.3- cpe:2.3:a:aruba_networks:clearpass_policy_manager:6.11.0:*:*:*:*:*:*:*
- cpe:2.3:a:aruba_networks:clearpass_policy_manager:6.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:aruba_networks:clearpass_policy_manager:6.11.2:*:*:*:*:*:*:*
https://csaf.arubanetworks.com/2025/hpe_aruba_networking_-_hpesbnw04784.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Time-of-check Time-of-use (TOCTOU) Race Condition
EUVDB-ID: #VU95605
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-7348
CWE-ID:
CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges within the database.
The vulnerability exists due to a race condition when executing concurrent pg_dump sessions. A remote user with privileges to create and drop non-temporary objects can execute arbitrary SQL commands with the privileges of the role running pg_dump (which is often a superuser).
Install update from vendor's website.
Vulnerable software versionsClearPass Policy Manager: 6.11.0 - 6.12.3
CPE2.3- cpe:2.3:a:aruba_networks:clearpass_policy_manager:6.11.0:*:*:*:*:*:*:*
- cpe:2.3:a:aruba_networks:clearpass_policy_manager:6.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:aruba_networks:clearpass_policy_manager:6.11.2:*:*:*:*:*:*:*
https://csaf.arubanetworks.com/2025/hpe_aruba_networking_-_hpesbnw04784.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Information disclosure
EUVDB-ID: #VU103671
Risk: Low
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-23059
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application in the web-based management interface. A remote administrator can gain unauthorized access to sensitive information on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsClearPass Policy Manager: 6.11.0 - 6.12.3
CPE2.3- cpe:2.3:a:aruba_networks:clearpass_policy_manager:6.11.0:*:*:*:*:*:*:*
- cpe:2.3:a:aruba_networks:clearpass_policy_manager:6.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:aruba_networks:clearpass_policy_manager:6.11.2:*:*:*:*:*:*:*
https://csaf.arubanetworks.com/2025/hpe_aruba_networking_-_hpesbnw04784.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Information disclosure
EUVDB-ID: #VU103672
Risk: Low
CVSSv4.0: 3.6 [CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-23060
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote administrator can gain unauthorized access to sensitive information on the system, leading to a man-in-the-middle (MitM) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsClearPass Policy Manager: 6.11.0 - 6.12.3
CPE2.3- cpe:2.3:a:aruba_networks:clearpass_policy_manager:6.11.0:*:*:*:*:*:*:*
- cpe:2.3:a:aruba_networks:clearpass_policy_manager:6.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:aruba_networks:clearpass_policy_manager:6.11.2:*:*:*:*:*:*:*
https://csaf.arubanetworks.com/2025/hpe_aruba_networking_-_hpesbnw04784.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) OS Command Injection
EUVDB-ID: #VU103673
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-25039
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsClearPass Policy Manager: 6.11.0 - 6.12.3
CPE2.3- cpe:2.3:a:aruba_networks:clearpass_policy_manager:6.11.0:*:*:*:*:*:*:*
- cpe:2.3:a:aruba_networks:clearpass_policy_manager:6.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:aruba_networks:clearpass_policy_manager:6.11.2:*:*:*:*:*:*:*
https://csaf.arubanetworks.com/2025/hpe_aruba_networking_-_hpesbnw04784.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
