CVE-2018-7079
CVE-2018-7079
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 0.9%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
07 dic 2018Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Aruba ClearPass Policy Manager guest authorization failure. Certain administrative operations in ClearPass Guest do not properly enforce authorization rules, which allows any authenticated administrative user to execute those operations regardless of privilege level. This could allow low-privilege users to view, modify, or delete guest users. Resolution: Fixed in 6.7.6 and 6.6.10-hotfix.
Productos afectados
Hewlett Packard Enterprise · Aruba ClearPass Policy Manager¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →