First published: Wed Mar 22 2023(Updated: )
A vulnerability exists in the ClearPass OnGuard Ubuntu agent that allows for an attacker with local Ubuntu instance access to potentially obtain sensitive information. Successful Exploitation of this vulnerability allows an attacker to retrieve information that is of a sensitive nature to the ClearPass/OnGuard environment.
Credit: security-alert@hpe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Arubanetworks Clearpass Policy Manager | >=6.9.0<=6.9.13 | |
Arubanetworks Clearpass Policy Manager | >=6.10.0<=6.10.8 | |
Arubanetworks Clearpass Policy Manager | =6.11.0 | |
Arubanetworks Clearpass Policy Manager | =6.11.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this issue is CVE-2023-25595.
The severity of CVE-2023-25595 is medium with a CVSS score of 5.5.
ClearPass Policy Manager versions 6.9.0 to 6.9.13, 6.10.0 to 6.10.8, 6.11.0, and 6.11.1 are affected by CVE-2023-25595.
An attacker with local Ubuntu instance access can potentially obtain sensitive information from the ClearPass OnGuard Ubuntu agent.
You can find more information about CVE-2023-25595 at the following link: [Aruba Networks Advisory ARUBA-PSA-2023-003](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-003.txt)