CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2022-43538
https://notcve.org/view.php?id=CVE-2022-43538
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploits could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x: 6.10.7 and below and ClearPass Policy Manager 6.9.x: 6.9.12 and below. Las vulnerabilidades en la interfaz de administración basada en web de ClearPass Policy Manager permiten a usuarios remotos autenticados ejecutar comandos arbitrarios en el host subyacente. Los exploits exitosos podrían permitir a un atacante ejecutar comandos arbitrarios como root en el sistema operativo subyacente, lo que llevaría a comprometer completamente el sistema en las versiones de Aruba ClearPass Policy Manager: ClearPass Policy Manager 6.10.x: 6.10.7 y anteriores y ClearPass Policy Manager 6.9. x: 6.9.12 y anteriores. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-020.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2022-43537
https://notcve.org/view.php?id=CVE-2022-43537
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploits could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x: 6.10.7 and below and ClearPass Policy Manager 6.9.x: 6.9.12 and below. Las vulnerabilidades en la interfaz de administración basada en web de ClearPass Policy Manager permiten a usuarios remotos autenticados ejecutar comandos arbitrarios en el host subyacente. Los exploits exitosos podrían permitir a un atacante ejecutar comandos arbitrarios como root en el sistema operativo subyacente, lo que llevaría a comprometer completamente el sistema en las versiones de Aruba ClearPass Policy Manager: ClearPass Policy Manager 6.10.x: 6.10.7 y anteriores y ClearPass Policy Manager 6.9. x: 6.9.12 y anteriores. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-020.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-43536
https://notcve.org/view.php?id=CVE-2022-43536
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploits could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x: 6.10.7 and below and ClearPass Policy Manager 6.9.x: 6.9.12 and below. Las vulnerabilidades en la interfaz de administración basada en web de ClearPass Policy Manager permiten a usuarios remotos autenticados ejecutar comandos arbitrarios en el host subyacente. Los exploits exitosos podrían permitir a un atacante ejecutar comandos arbitrarios como root en el sistema operativo subyacente, lo que llevaría a comprometer completamente el sistema en las versiones de Aruba ClearPass Policy Manager: ClearPass Policy Manager 6.10.x: 6.10.7 y anteriores y ClearPass Policy Manager 6.9. x: 6.9.12 y anteriores. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-020.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-43535
https://notcve.org/view.php?id=CVE-2022-43535
A vulnerability in the ClearPass OnGuard Windows agent could allow malicious users on a Windows instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with NT AUTHORITY\SYSTEM level privileges on the Windows instance in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x: 6.10.7 and below and ClearPass Policy Manager 6.9.x: 6.9.12 and below. Una vulnerabilidad en el agente de Windows ClearPass OnGuard podría permitir a usuarios malintencionados en una instancia de Windows elevar sus privilegios de usuario. Un exploit exitoso podría permitir a estos usuarios ejecutar código arbitrario con privilegios de nivel NT AUTHORITY\SYSTEM en la instancia de Windows en las versiones de Aruba ClearPass Policy Manager: ClearPass Policy Manager 6.10.x: 6.10.7 y anteriores y ClearPass Policy Manager 6.9. x: 6.9.12 y anteriores. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-020.txt •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-43534
https://notcve.org/view.php?id=CVE-2022-43534
A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the Linux instance in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x: 6.10.7 and below and ClearPass Policy Manager 6.9.x: 6.9.12 and below. Una vulnerabilidad en el agente ClearPass OnGuard Linux podría permitir a usuarios malintencionados en una instancia de Linux elevar sus privilegios de usuario. Un exploit exitoso podría permitir a estos usuarios ejecutar código arbitrario con privilegios de nivel raíz en la instancia de Linux en las versiones de Aruba ClearPass Policy Manager: ClearPass Policy Manager 6.10.x: 6.10.7 y anteriores y ClearPass Policy Manager 6.9.x: 6.9 .12 y menos. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-020.txt •