CVE-2018-7066
published 2018-12-07CVE-2018-7066: An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. The ClearPass OnConnect feature permits administrators…
PriorityP266critical9CVSS 3.0
AVNACHPRNUINSCCHIHAH
EPSS
3.48%
87.6th percentile
An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. The ClearPass OnConnect feature permits administrators to link other network devices into ClearPass for the purpose of collecting enhanced information about connected endpoints. A defect in the API could allow a remote attacker to execute arbitrary commands on one of the linked devices. This vulnerability is only applicable if credentials for devices have been supplied to ClearPass under Configuration -> Network -> Devices -> CLI Settings. Resolution: Fixed in 6.7.5 and 6.6.10-hotfix.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arubanetworks | clearpass_policy_manager | < 6.6.10 | 6.6.10 |
| arubanetworks | clearpass_policy_manager | >= 6.7.0 < 6.7.5 | 6.7.5 |
| hewlett_packard_enterprise | aruba_clearpass_policy_manager | — | — |
CVSS provenance
nvdv3.09.0CRITICALCVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2018-12-07
Published