6.5
CVE-2024-26301
- EPSS 0.16%
- Published 27.02.2024 23:15:07
- Last modified 12.12.2024 20:12:59
- Source security-alert@hpe.com
- Teams watchlist Login
- Open Login
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with low privileges to access sensitive information. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further access to network services supported by ClearPass Policy Manager.
Data is provided by the National Vulnerability Database (NVD)
Arubanetworks ≫ Clearpass Policy Manager Version >= 6.9.0 < 6.9.13
Arubanetworks ≫ Clearpass Policy Manager Version >= 6.10.0 < 6.10.8
Arubanetworks ≫ Clearpass Policy Manager Version >= 6.11.0 <= 6.11.6
Arubanetworks ≫ Clearpass Policy Manager Version6.9.13 Update-
Arubanetworks ≫ Clearpass Policy Manager Version6.9.13 Updatecumulative_hotfix_patch_2
Arubanetworks ≫ Clearpass Policy Manager Version6.9.13 Updatecumulative_hotfix_patch_3
Arubanetworks ≫ Clearpass Policy Manager Version6.9.13 Updatecumulative_hotfix_patch_4
Arubanetworks ≫ Clearpass Policy Manager Version6.10.8 Update-
Arubanetworks ≫ Clearpass Policy Manager Version6.10.8 Updatecumulative_hotfix_patch_2
Arubanetworks ≫ Clearpass Policy Manager Version6.10.8 Updatecumulative_hotfix_patch_5
Arubanetworks ≫ Clearpass Policy Manager Version6.10.8 Updatecumulative_hotfix_patch_6
Arubanetworks ≫ Clearpass Policy Manager Version6.12.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.369 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| security-alert@hpe.com | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
|