漏洞标题
N/A
漏洞描述信息
ClearPass Policy Manager 在线管理界面的漏洞允许远程登录的用户在底层主机上运行任意命令。成功的漏洞利用可能导致攻击者以root身份在底层操作系统上执行任意命令,从而导致系统完全被攻击。Aruba ClearPass Policy Manager版本(s):ClearPass Policy Manager 6.10.x:6.10.7 and below,ClearPass Policy Manager 6.9.x:6.9.12 and below。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploits could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x: 6.10.7 and below and ClearPass Policy Manager 6.9.x: 6.9.12 and below.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
Aruba Networks ClearPass Policy Manager 操作系统命令注入漏洞
漏洞描述信息
Aruba Networks ClearPass Policy Manager是美国安移通(Aruba Networks)公司的一个应用系统提供无线网络安全接入管理系统 Aruba Networks ClearPass Policy Manager 存在操作系统命令注入漏洞。攻击者利用该漏洞可以运行任意命令。以下产品及版本受到影响:ClearPass Policy Manager 6.10.x版本至6.10.7版本、6.9.x版本至6.9.12版本。
CVSS信息
N/A
漏洞类别
授权问题