CVE-2022-43534
First published: Thu Jan 05 2023(Updated: )
A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the Linux instance in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x: 6.10.7 and below and ClearPass Policy Manager 6.9.x: 6.9.12 and below.
Credit: security-alert@hpe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Arubanetworks Clearpass Policy Manager | >=6.9.0<6.9.12 | |
| Arubanetworks Clearpass Policy Manager | >=6.10.0<6.10.7 | |
| Linux Linux kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2022-43534?
The severity of CVE-2022-43534 is high with a score of 7.8.
What is the vulnerability in ClearPass OnGuard Linux agent?
The vulnerability in ClearPass OnGuard Linux agent allows malicious users on a Linux instance to elevate their user privileges.
Which versions of Aruba ClearPass Policy Manager are affected by CVE-2022-43534?
Aruba ClearPass Policy Manager versions 6.9.0 to 6.9.12 and versions 6.10.0 to 6.10.7 are affected by CVE-2022-43534.
How can malicious users exploit CVE-2022-43534?
Malicious users can exploit CVE-2022-43534 to execute arbitrary code with root-level privileges on the Linux instance.
Is the Linux kernel vulnerable to CVE-2022-43534?
No, the Linux kernel is not vulnerable to CVE-2022-43534.
- collector/nvd-index
- vendor/arubanetworks
- canonical/arubanetworks clearpass policy manager
- version/arubanetworks clearpass policy manager/6.9.0
- version/arubanetworks clearpass policy manager/6.10.0
- vendor/linux
- canonical/linux linux kernel