Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.
                
            Metrics
Affected Vendors & Products
References
        History
                    Thu, 27 Mar 2025 15:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Arubanetworks Arubanetworks clearpass Policy Manager | |
| CPEs | cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:* cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:-:*:*:*:*:*:* cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:cumulative_hotfix_patch_2:*:*:*:*:*:* cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:cumulative_hotfix_patch_5:*:*:*:*:*:* cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:cumulative_hotfix_patch_6:*:*:*:*:*:* cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.12.0:*:*:*:*:*:*:* cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:-:*:*:*:*:*:* cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:cumulative_hotfix_patch_2:*:*:*:*:*:* cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:cumulative_hotfix_patch_3:*:*:*:*:*:* cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:cumulative_hotfix_patch_4:*:*:*:*:*:* | |
| Vendors & Products | Arubanetworks Arubanetworks clearpass Policy Manager | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: hpe
Published: 2024-02-27T21:54:21.857Z
Updated: 2024-08-02T00:07:18.955Z
Reserved: 2024-02-16T19:42:43.184Z
Link: CVE-2024-26294
 Vulnrichment
                        Vulnrichment
                    Updated: 2024-08-02T00:07:18.955Z
 NVD
                        NVD
                    Status : Analyzed
Published: 2024-02-27T22:15:14.923
Modified: 2025-03-27T15:04:47.140
Link: CVE-2024-26294
 Redhat
                        Redhat
                    No data.