Back to search
CVE-2018-7079
Published: Dec 7, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
Aruba ClearPass Policy Manager guest authorization failure. Certain administrative operations in ClearPass Guest do not properly enforce authorization rules, which allows any authenticated administrative user to execute those operations regardless of privilege level. This could allow low-privilege users to view, modify, or delete guest users. Resolution: Fixed in 6.7.6 and 6.6.10-hotfix.
| Vendor | Product | Versions |
|---|---|---|
Hewlett Packard Enterprise | Aruba ClearPass Policy Manager | affected ClearPass 6.7.x prior to 6.7.6, ClearPass 6.6.10 and earlier without hotfix applied |
References
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-007.txt
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now