GSD-2018-7066

Vulnerability from gsd - Updated: 2023-12-13 01:22
Details
An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. The ClearPass OnConnect feature permits administrators to link other network devices into ClearPass for the purpose of collecting enhanced information about connected endpoints. A defect in the API could allow a remote attacker to execute arbitrary commands on one of the linked devices. This vulnerability is only applicable if credentials for devices have been supplied to ClearPass under Configuration -> Network -> Devices -> CLI Settings. Resolution: Fixed in 6.7.5 and 6.6.10-hotfix.
Aliases
Aliases
CVE-2018-7066
To clipboard 

{
  "GSD": {
    "alias": "CVE-2018-7066",
    "description": "An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. The ClearPass OnConnect feature permits administrators to link other network devices into ClearPass for the purpose of collecting enhanced information about connected endpoints. A defect in the API could allow a remote attacker to execute arbitrary commands on one of the linked devices. This vulnerability is only applicable if credentials for devices have been supplied to ClearPass under Configuration -\u003e Network -\u003e Devices -\u003e CLI Settings. Resolution: Fixed in 6.7.5 and 6.6.10-hotfix.",
    "id": "GSD-2018-7066"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-7066"
      ],
      "details": "An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. The ClearPass OnConnect feature permits administrators to link other network devices into ClearPass for the purpose of collecting enhanced information about connected endpoints. A defect in the API could allow a remote attacker to execute arbitrary commands on one of the linked devices. This vulnerability is only applicable if credentials for devices have been supplied to ClearPass under Configuration -\u003e Network -\u003e Devices -\u003e CLI Settings. Resolution: Fixed in 6.7.5 and 6.6.10-hotfix.",
      "id": "GSD-2018-7066",
      "modified": "2023-12-13T01:22:32.997749Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-alert@hpe.com",
        "ID": "CVE-2018-7066",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Aruba ClearPass Policy Manager",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "ClearPass 6.7.x prior to 6.7.5, ClearPass 6.6.10 and earlier without hotfix applied"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Hewlett Packard Enterprise"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. The ClearPass OnConnect feature permits administrators to link other network devices into ClearPass for the purpose of collecting enhanced information about connected endpoints. A defect in the API could allow a remote attacker to execute arbitrary commands on one of the linked devices. This vulnerability is only applicable if credentials for devices have been supplied to ClearPass under Configuration -\u003e Network -\u003e Devices -\u003e CLI Settings. Resolution: Fixed in 6.7.5 and 6.6.10-hotfix."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "remote command execution"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-007.txt",
            "refsource": "CONFIRM",
            "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-007.txt"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.6.10",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.7.5",
                "versionStartIncluding": "6.7.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-alert@hpe.com",
          "ID": "CVE-2018-7066"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. The ClearPass OnConnect feature permits administrators to link other network devices into ClearPass for the purpose of collecting enhanced information about connected endpoints. A defect in the API could allow a remote attacker to execute arbitrary commands on one of the linked devices. This vulnerability is only applicable if credentials for devices have been supplied to ClearPass under Configuration -\u003e Network -\u003e Devices -\u003e CLI Settings. Resolution: Fixed in 6.7.5 and 6.6.10-hotfix."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-007.txt",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-007.txt"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.2,
          "impactScore": 6.0
        }
      },
      "lastModifiedDate": "2019-10-03T00:03Z",
      "publishedDate": "2018-12-07T21:29Z"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.