A vulnerability in the HPE Aruba Networking ClearPass Policy Manager web-based management interface could allow an authenticated remote threat actor to conduct a remote code execution attack. Successful exploitation could enable the attacker to run arbitrary commands on the underlying operating system.
Metrics
Affected Vendors & Products
References
History
Tue, 03 Dec 2024 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Arubanetworks
Arubanetworks clearpass Policy Manager |
|
Weaknesses | CWE-77 | |
CPEs | cpe:2.3:a:arubanetworks:clearpass_policy_manager:-:*:*:*:*:*:*:* | |
Vendors & Products |
Arubanetworks
Arubanetworks clearpass Policy Manager |
|
Metrics |
ssvc
|
Tue, 03 Dec 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability in the HPE Aruba Networking ClearPass Policy Manager web-based management interface could allow an authenticated remote threat actor to conduct a remote code execution attack. Successful exploitation could enable the attacker to run arbitrary commands on the underlying operating system. | |
Title | Authenticated Remote Code Execution (RCE) via OGNL Injection in HPE Aruba Networking ClearPass Web-Based Management Interface | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: hpe
Published: 2024-12-03T20:02:02.240Z
Updated: 2024-12-03T21:55:47.056Z
Reserved: 2024-11-01T14:42:12.299Z
Link: CVE-2024-51771
Vulnrichment
Updated: 2024-12-03T21:55:27.238Z
NVD
Status : Received
Published: 2024-12-03T20:15:15.477
Modified: 2024-12-03T22:15:05.180
Link: CVE-2024-51771
Redhat
No data.