web analytics

Aruba bugs squashed in seven-vuln splatfest

ClearPass Policy Manager needs upgrade

linkedin
29 May 2017 at 01:58, Richard Chirgwin
 

In case you missed it: there’s a bunch of bad bugs in HPE’s Aruba ClearPass Policy Manager.

 

The Bugtraq post landed here Friday afternoon US time, a followup to HPE’s announcement of a collection of seven CVEs (Common Vulnerabilities and Exposures).

 

HPE hasn’t detailed the nature of the vulnerabilities, but they include an unauthenticated remote code execution (RCE) bug (CVE-2017-5824), a privilege escalation bug (CVE-2017-5825), an RCE available to authenticated users (CVE-2017-5826), a reflected cross-site scripting (XSS) bug (CVE-2017-5827), arbitrary command execution via an XML external entity (CVE-2017-5828), and an access control bypass (CVE-2017-5829).

 

Full Article.

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico