CVE-2023-25595

A vulnerability exists in the ClearPass OnGuard Ubuntu agent that allows for an attacker with local Ubuntu instance access to potentially obtain sensitive information. Successful Exploitation of this vulnerability allows an attacker to retrieve information that is of a sensitive nature to the ClearPass/OnGuard environment.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.11.0:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.11.1:*:*:*:*:*:*:*

History

27 Feb 2025, 19:15

Type Values Removed Values Added
CWE CWE-284

21 Nov 2024, 07:49

Type Values Removed Values Added
References () https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-003.txt - Vendor Advisory () https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-003.txt - Vendor Advisory

07 Nov 2023, 04:09

Type Values Removed Values Added
Summary A vulnerability exists in the ClearPass OnGuard Ubuntu agent that allows for an attacker with local Ubuntu instance access to potentially obtain sensitive information. Successful Exploitation of this vulnerability allows an attacker to retrieve information that is of a sensitive nature to the ClearPass/OnGuard environment. A vulnerability exists in the ClearPass OnGuard Ubuntu agent that allows for an attacker with local Ubuntu instance access to potentially obtain sensitive information. Successful Exploitation of this vulnerability allows an attacker to retrieve information that is of a sensitive nature to the ClearPass/OnGuard environment.

28 Mar 2023, 14:54

Type Values Removed Values Added
References (MISC) https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-003.txt - (MISC) https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-003.txt - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
First Time Arubanetworks clearpass Policy Manager
Arubanetworks
CWE NVD-CWE-noinfo
CPE cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.11.0:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.11.1:*:*:*:*:*:*:*

Information

Published : 2023-03-22 06:15

Updated : 2025-02-27 19:15


NVD link : CVE-2023-25595

Mitre link : CVE-2023-25595

CVE.ORG link : CVE-2023-25595


JSON object : View

Products Affected

arubanetworks

  • clearpass_policy_manager
CWE
NVD-CWE-noinfo CWE-284

Improper Access Control