CVE-2023-43510 - OpenCVE

A vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a non-privileged user on the underlying operating system leading to partial system compromise.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Arubanetworks	Clearpass Policy Manager

Configuration 1 [-]

OR	cpe:2.3:a:arubanetworks:clearpass_policy_manager::::::::
	cpe:2.3:a:arubanetworks:clearpass_policy_manager::::::::
	cpe:2.3:a:arubanetworks:clearpass_policy_manager::::::::
	cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:-::::::
	cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:cumulative_hotfix_patch_2::::::
	cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:cumulative_hotfix_patch_3::::::
	cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:-::::::
	cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:cumulative_hotfix_patch_2::::::
	cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:cumulative_hotfix_patch_5::::::

References

Link	Resource
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-016.txt	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: hpe

Published: 2023-10-24T18:14:37.992Z

Updated: 2023-10-24T18:14:37.992Z

Reserved: 2023-09-19T14:41:06.499Z

Link: CVE-2023-43510

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-10-25T18:17:32.107

Modified: 2023-11-01T16:20:02.553

Link: CVE-2023-43510

JSON object: View

Redhat Information

No data.

CWE

CWE-77

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-43510", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "state": "PUBLISHED", "assignerShortName": "hpe", "dateReserved": "2023-09-19T14:41:06.499Z", "datePublished": "2023-10-24T18:14:37.992Z", "dateUpdated": "2023-10-24T18:14:37.992Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Aruba ClearPass Policy Manager", "vendor": "Hewlett Packard Enterprise (HPE)", "versions": [{"lessThanOrEqual": "<=6.11.4", "status": "affected", "version": "ClearPass Policy Manager 6.11.x: 6.11.4 and below", "versionType": "semver"}, {"status": "affected", "version": "ClearPass Policy Manager 6.10.x: 6.10.8 with ClearPass 6.10.8 Cumulative Hotfix Patch 5 and below"}, {"status": "affected", "version": "ClearPass Policy Manager 6.9.x: 6.9.13 with ClearPass 6.9.13 Cumulative Hotfix Patch 3 and below"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Daniel Jensen (@dozernz)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a non-privileged user on the underlying operating system leading to partial system compromise."}], "value": "A vulnerability in the ClearPass Policy Manager web-based\u00a0management interface allows remote authenticated users to\u00a0run arbitrary commands on the underlying host. A successful\u00a0exploit could allow an attacker to execute arbitrary\u00a0commands as a non-privileged user on the underlying\u00a0operating system leading to partial system compromise."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2023-10-24T18:14:37.992Z"}, "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-016.txt"}], "source": {"discovery": "UNKNOWN"}, "title": "Authenticated Remote Command Injection in ClearPass Policy Manager Web-Based Management Interface Leading to Partial System Compromise", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "124117E4-FE27-43AB-B5F5-B4EFCA767430", "versionEndExcluding": "6.9.13", "vulnerable": true}, {"criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "84F5E56D-039C-47B0-827A-AFE34887DAD2", "versionEndExcluding": "6.10.8", "versionStartIncluding": "6.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "349AD8EE-ECFF-469B-80E6-0ABFDEF55A2C", "versionEndIncluding": "6.11.4", "versionStartIncluding": "6.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:-:*:*:*:*:*:*", "matchCriteriaId": "57C5BF92-A455-44E4-AE20-F9A1D790422D", "vulnerable": true}, {"criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:cumulative_hotfix_patch_2:*:*:*:*:*:*", "matchCriteriaId": "7962FD34-6A38-461A-8942-BCA227AF8AF9", "vulnerable": true}, {"criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:cumulative_hotfix_patch_3:*:*:*:*:*:*", "matchCriteriaId": "435A3CE6-AB76-4F4F-B11F-71E0C7619A9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:-:*:*:*:*:*:*", "matchCriteriaId": "1DB2448F-D014-4672-90A9-3BCC91096B93", "vulnerable": true}, {"criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:cumulative_hotfix_patch_2:*:*:*:*:*:*", "matchCriteriaId": "80F47102-7F9F-449F-91A1-76372AA7F3D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:cumulative_hotfix_patch_5:*:*:*:*:*:*", "matchCriteriaId": "F85708F3-CA05-472A-9B51-373D1AD14E9C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the ClearPass Policy Manager web-based\u00a0management interface allows remote authenticated users to\u00a0run arbitrary commands on the underlying host. A successful\u00a0exploit could allow an attacker to execute arbitrary\u00a0commands as a non-privileged user on the underlying\u00a0operating system leading to partial system compromise."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de ClearPass Policy Manager permite a usuarios remotos autenticados ejecutar comandos arbitrarios en el host subyacente. Un exploit exitoso podr\u00eda permitir a un atacante ejecutar comandos arbitrarios como usuario sin privilegios en el sistema operativo subyacente, lo que podr\u00eda comprometer parcialmente el sistema."}], "id": "CVE-2023-43510", "lastModified": "2023-11-01T16:20:02.553", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.4, "source": "security-alert@hpe.com", "type": "Secondary"}]}, "published": "2023-10-25T18:17:32.107", "references": [{"source": "security-alert@hpe.com", "tags": ["Vendor Advisory"], "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-016.txt"}], "sourceIdentifier": "security-alert@hpe.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "nvd@nist.gov", "type": "Primary"}]}