iTnews Asia

Aruba Networks patches ClearPass bugs

Three software branches fixed.

By Richard Chirgwin on Mar 15, 2023 10:14AM

Aruba Networks has disclosed a collection of patches covering eight vulnerabilities in its ClearPass Policy Manager software.

The software provides unified network access enforcement across wireless, wired and VPN networks.

Leading the list is a bug found by New Zealand pentester Daniel Jensen.

CVE-2023-25589 (CVSS score 9.8) is a bug in the ClearPass Policy Manager’s web-based management interface.

Unauthenticated attackers could achieve “total cluster compromise” by creating arbitrary users on the platform, Aruba said.

There are also four bugs rated high-severity. 

The OnGuard Linux agent has a local privilege escalation bug rated 7.8, CVE-2023-25590. 

A successful attacker could execute arbitrary code with root privileges on the Linux instance.

Luke Young reported the vulnerability via the company’s Bugcrowd bounty program.

Under CVE-2023-25591, an attacker who can authenticate with low privileges can take advantage of a bug in the Policy Manager’s web-based interface, potentially retrieving information to gain further privileges.

This bug was also attributed to Luke Young.

Two reflected cross-site scripting bugs, CVE-2023-25592 and CVE-2023-25593, allow an attacker to execute arbitrary script code in a victim’s browser.

The remaining three vulnerabilities patched today are rated medium severity.

The affected software versions are ClearPass Policy Manager 6.11.1 and below, 6.10.8 and below, and 6.9.13 and below. Fixed versions are available.

The full advisory is here.
