CVE-2018-7058
https://notcve.org/view.php?id=CVE-2018-7058
Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by an authentication bypass vulnerability, an attacker can leverage this vulnerability to gain administrator privileges on the system. The vulnerability is exposed only on ClearPass web interfaces, including administrative, guest captive portal, and API. Customers who do not expose ClearPass web interfaces to untrusted users are impacted to a lesser extent. Aruba ClearPass, en todas las versiones 6.6.x anteriores a la 6.6.9, se han visto afectadas por una vulnerabilidad de omisión de autenticación para obtener privilegios de administrador en el sistema. La vulnerabilidad solo se expone en interfaces web de ClearPass, incluyendo la administrativa, el portal cautivo invitado y la API. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-003.txt • CWE-287: Improper Authentication •
CVE-2017-9002
https://notcve.org/view.php?id=CVE-2017-9002
All versions of Aruba ClearPass prior to 6.6.8 contain reflected cross-site scripting vulnerabilities. By exploiting this vulnerability, an attacker who can trick a logged-in ClearPass administrative user into clicking a link could obtain sensitive information, such as session cookies or passwords. The vulnerability requires that an administrative users click on the malicious link while currently logged into ClearPass in the same browser. Todas las versiones de Aruba ClearPass anteriores a la 6.6.8 contienen vulnerabilidades de Cross-Site Scripting reflejado. Al explotar esta vulnerabilidad, un atacante que pueda engañar a un usuario administrativo de ClearPass que haya iniciado sesión para que haga clic en un enlace podrá obtener información sensible, como las cookies de sesión o las contraseñas. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-004.txt • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-7059
https://notcve.org/view.php?id=CVE-2018-7059
Aruba ClearPass prior to 6.6.9 has a vulnerability in the API that helps to coordinate cluster actions. An authenticated user with the "mon" permission could use this vulnerability to obtain cluster credentials which could allow privilege escalation. This vulnerability is only present when authenticated as a user with "mon" permission. Aruba ClearPass en versiones anteriores a la 6.6.9 tiene una vulnerabilidad en la API que ayuda a coordinar acciones del clúster. Un usuario autenticado con el permiso "mon" podría emplear esta vulnerabilidad para obtener credenciales del clúster, lo que podría permitir el escalado de privilegios. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-003.txt • CWE-20: Improper Input Validation •
CVE-2017-9001
https://notcve.org/view.php?id=CVE-2017-9001
Aruba ClearPass 6.6.3 and later includes a feature called "SSH Lockout", which causes ClearPass to lock accounts with too many login failures through SSH. When this feature is enabled, an unauthenticated remote command execution vulnerability is present which could allow an unauthenticated user to execute arbitrary commands on the underlying operating system with "root" privilege level. This vulnerability is only present when a specific feature has been enabled. The SSH Lockout feature is not enabled by default, so only systems which have enabled this feature are vulnerable. Aruba ClearPass en versiones 6.6.3 y posteriores incluye una característica llamada "SSH Lockout", que provoca que ClearPass bloquee cuentas con demasiados errores de inicio de sesión mediante SSH. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-004.txt •
CVE-2018-5390 – Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service
https://notcve.org/view.php?id=CVE-2018-5390
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. El kernel de Linux en versiones 4.9 y siguientes pueden forzarse a realizar llamadas muy caras a tcp_collapse_ofo_queue() y tcp_prune_ofo_queue() para cada paquete entrante, lo que puede conducir a una denegación de servicio. A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses. • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20181031-02-linux-en http://www.openwall.com/lists/oss-security/2019/06/28/2 http://www.openwall.com/lists/oss-security/2019/07/06/3 http://www.openwall.com/lists/oss-security/2019/07/06/4 http://www.securityfocus.com/bid/104976 http://www.securitytracker.com/id/1041424 http://www.securitytracker.com/id/1041434 https://access.redhat.co • CWE-400: Uncontrolled Resource Consumption •