6.5
CVE-2024-26301
- EPSS 0.16%
- Veröffentlicht 27.02.2024 23:15:07
- Zuletzt bearbeitet 12.12.2024 20:12:59
- Quelle security-alert@hpe.com
- Teams Watchlist Login
- Unerledigt Login
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with low privileges to access sensitive information. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further access to network services supported by ClearPass Policy Manager.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Arubanetworks ≫ Clearpass Policy Manager Version >= 6.9.0 < 6.9.13
Arubanetworks ≫ Clearpass Policy Manager Version >= 6.10.0 < 6.10.8
Arubanetworks ≫ Clearpass Policy Manager Version >= 6.11.0 <= 6.11.6
Arubanetworks ≫ Clearpass Policy Manager Version6.9.13 Update-
Arubanetworks ≫ Clearpass Policy Manager Version6.9.13 Updatecumulative_hotfix_patch_2
Arubanetworks ≫ Clearpass Policy Manager Version6.9.13 Updatecumulative_hotfix_patch_3
Arubanetworks ≫ Clearpass Policy Manager Version6.9.13 Updatecumulative_hotfix_patch_4
Arubanetworks ≫ Clearpass Policy Manager Version6.10.8 Update-
Arubanetworks ≫ Clearpass Policy Manager Version6.10.8 Updatecumulative_hotfix_patch_2
Arubanetworks ≫ Clearpass Policy Manager Version6.10.8 Updatecumulative_hotfix_patch_5
Arubanetworks ≫ Clearpass Policy Manager Version6.10.8 Updatecumulative_hotfix_patch_6
Arubanetworks ≫ Clearpass Policy Manager Version6.12.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.369 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| security-alert@hpe.com | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
|