FKIE_CVE-2023-43509

Vulnerability from fkie_nvd - Published: 2023-10-25 18:17 - Updated: 2024-11-21 08:24
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Summary
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an unauthenticated remote attacker to send notifications to computers that are running ClearPass OnGuard. These notifications can then be used to phish users or trick them into downloading malicious software.
References
security-alert@hpe.comhttps://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-016.txtVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-016.txtVendor Advisory
Impacted products
Vendor Product Version
arubanetworks clearpass_policy_manager *
arubanetworks clearpass_policy_manager *
arubanetworks clearpass_policy_manager *
arubanetworks clearpass_policy_manager 6.9.13
arubanetworks clearpass_policy_manager 6.9.13
arubanetworks clearpass_policy_manager 6.9.13
arubanetworks clearpass_policy_manager 6.10.8
arubanetworks clearpass_policy_manager 6.10.8
arubanetworks clearpass_policy_manager 6.10.8
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "124117E4-FE27-43AB-B5F5-B4EFCA767430",
              "versionEndExcluding": "6.9.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F5E56D-039C-47B0-827A-AFE34887DAD2",
              "versionEndExcluding": "6.10.8",
              "versionStartIncluding": "6.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "349AD8EE-ECFF-469B-80E6-0ABFDEF55A2C",
              "versionEndIncluding": "6.11.4",
              "versionStartIncluding": "6.11.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:-:*:*:*:*:*:*",
              "matchCriteriaId": "57C5BF92-A455-44E4-AE20-F9A1D790422D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:cumulative_hotfix_patch_2:*:*:*:*:*:*",
              "matchCriteriaId": "7962FD34-6A38-461A-8942-BCA227AF8AF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.9.13:cumulative_hotfix_patch_3:*:*:*:*:*:*",
              "matchCriteriaId": "435A3CE6-AB76-4F4F-B11F-71E0C7619A9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "1DB2448F-D014-4672-90A9-3BCC91096B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:cumulative_hotfix_patch_2:*:*:*:*:*:*",
              "matchCriteriaId": "80F47102-7F9F-449F-91A1-76372AA7F3D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.10.8:cumulative_hotfix_patch_5:*:*:*:*:*:*",
              "matchCriteriaId": "F85708F3-CA05-472A-9B51-373D1AD14E9C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web-based management interface of\u00a0ClearPass Policy Manager could allow an unauthenticated\u00a0remote attacker to send notifications to computers that are\u00a0running ClearPass OnGuard. These notifications can then be\u00a0used to phish users or trick them into downloading malicious\u00a0software."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de ClearPass Policy Manager podr\u00eda permitir que un atacante remoto no autenticado env\u00ede notificaciones a ordenadores que ejecutan ClearPass OnGuard. Estas notificaciones pueden utilizarse para realizar phishing a los usuarios o enga\u00f1arlos para que descarguen software malicioso."
    }
  ],
  "id": "CVE-2023-43509",
  "lastModified": "2024-11-21T08:24:11.110",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "security-alert@hpe.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-10-25T18:17:32.050",
  "references": [
    {
      "source": "security-alert@hpe.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-016.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-016.txt"
    }
  ],
  "sourceIdentifier": "security-alert@hpe.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.