Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-25595

A vulnerability exists in the ClearPass OnGuard Ubuntu agent that allows for an attacker with local Ubuntu instance access to potentially obtain sensitive information. Successful Exploitation of this vulnerability allows an attacker to retrieve information that is of a sensitive nature to the ClearPass/OnGuard environment.

Published

2023-03-22T06:15:10.430

Last Modified

2025-02-27T19:15:48.220

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.5 (MEDIUM)

Weaknesses

Type: Primary
NVD-CWE-noinfo
Type: Secondary
CWE-284

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	arubanetworks	clearpass_policy_manager	≤ 6.9.13	Yes
Application	arubanetworks	clearpass_policy_manager	≤ 6.10.8	Yes
Application	arubanetworks	clearpass_policy_manager	6.11.0	Yes
Application	arubanetworks	clearpass_policy_manager	6.11.1	Yes

References

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-003.txt Vendor Advisory ([email protected])
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-003.txt Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)