9
CVE-2020-7116
- EPSS 1.94%
- Veröffentlicht 03.06.2020 13:15:11
- Zuletzt bearbeitet 21.11.2024 05:36:39
- Quelle security-alert@hpe.com
- Teams Watchlist Login
- Unerledigt Login
The ClearPass Policy Manager WebUI administrative interface has an authenticated command remote execution. When the attacker is already authenticated to the administrative interface, they could then exploit the system, leading to remote command execution in the underlying operating system. Resolution: Fixed in 6.7.13-HF, 6.8.5-HF, 6.8.6, 6.9.1 and higher.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Arubanetworks ≫ Clearpass Policy Manager Version >= 6.7.0 <= 6.7.13
Arubanetworks ≫ Clearpass Policy Manager Version >= 6.8.0 < 6.8.6
Arubanetworks ≫ Clearpass Policy Manager Version >= 6.9.0 < 6.9.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.94% | 0.827 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 1.2 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 9 | 8 | 10 |
AV:N/AC:L/Au:S/C:C/I:C/A:C
|