CVE-2020-7115
35Vexday Risk Score
No sign of exploitation. It has a public proof of concept.
ssvc Attendepss 65%
from disclosure to weapon37 days
Published on NVDJun 3
1st PoC+37d
exploitation probability
65%top 1% of all CVEs
observed exploitation
nono source reports it
3 public exploit(s)
The ClearPass Policy Manager web interface is affected by a vulnerability that leads to authentication bypass. Upon successful bypass an attacker could then execute an exploit that would allow to remote command execution in the underlying operating system. Resolution: Fixed in 6.7.13-HF, 6.8.5-HF, 6.8.6, 6.9.1 and higher.
Affected products
n/a · ClearPass Policy Managerpublic PoCs found — 3
githubgithub.com/Retr02332/CVE-2020-7115★ 2cve_referencepacketstormsecurity.com/files/158368/ClearPass-Policy-Manager-Unauthenticated-Remote-Command-Execution.htmlunverifiedexploitdbwww.exploit-db.com/exploits/48661unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.