漏洞标题
N/A
漏洞描述信息
ClearPass Policy Manager 在线管理界面的漏洞允许远程授权用户对 underlying 主机执行任意命令。一个成功的漏洞利用可能导致攻击者以 root 权限在底层操作系统上执行任意命令,从而导致系统完全崩溃。Aruba 已经发布了针对 Aruba ClearPass Policy Manager 的升级,解决了这些安全漏洞。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address these security vulnerabilities.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Aruba Networks ClearPass Policy Manager 操作系统命令注入漏洞
漏洞描述信息
Aruba Networks ClearPass Policy Manager是美国安移通(Aruba Networks)公司的一个应用系统提供无线网络安全接入管理系统 Aruba Networks ClearPass Policy Manager 6.10.6及之前版本、6.9.11及之前版本存在操作系统命令注入漏洞,该漏洞源于基于 Web的管理界面中的漏洞允许经过身份验证的远程用户在底层主机上运行任意命令。
CVSS信息
N/A
漏洞类别
授权问题