Vulnerabilities > CVE-2023-25595 - Unspecified vulnerability in Arubanetworks Clearpass Policy Manager

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

arubanetworks

NVD

Published: 2023-03-22

Updated: 2023-11-07

Summary

A vulnerability exists in the ClearPass OnGuard Ubuntu agent that allows for an attacker with local Ubuntu instance access to potentially obtain sensitive information. Successful Exploitation of this vulnerability allows an attacker to retrieve information that is of a sensitive nature to the ClearPass/OnGuard environment.

Vulnerable Configurations

Part	Description	Count
Application	Arubanetworks Arubanetworks Clearpass Policy Manager 6.9.0 Arubanetworks Clearpass Policy Manager 6.9.1 Arubanetworks Clearpass Policy Manager 6.9.5 Arubanetworks Clearpass Policy Manager 6.9.6 Arubanetworks Clearpass Policy Manager 6.9.7 Arubanetworks Clearpass Policy Manager 6.9.9 Arubanetworks Clearpass Policy Manager 6.9.11 Arubanetworks Clearpass Policy Manager 6.9.12 Arubanetworks Clearpass Policy Manager 6.9.13 Arubanetworks Clearpass Policy Manager 6.10.0 Arubanetworks Clearpass Policy Manager 6.10.2 Arubanetworks Clearpass Policy Manager 6.10.4 Arubanetworks Clearpass Policy Manager 6.10.6 Arubanetworks Clearpass Policy Manager 6.10.7 Arubanetworks Clearpass Policy Manager 6.10.8 Arubanetworks Clearpass Policy Manager 6.11.0 Arubanetworks Clearpass Policy Manager 6.11.1	23

References

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-003.txt