Arbitrary Command Execution in ClearPass Policy Manager Web Interface
CVE-2024-51772 Published on December 3, 2024
Authenticated Deserialization Vulnerability in ClearPass Policy Manager Web-Based Management Interface Leading to a Remote Command Execution (RCE)
An authenticated RCE vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.
Vulnerability Analysis
CVE-2024-51772 is exploitable with network access, requires user interaction and user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
What is a Command Injection Vulnerability?
The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CVE-2024-51772 has been classified to as a Command Injection vulnerability or weakness.
Products Associated with CVE-2024-51772
Want to know whenever a new CVE is published for Aruba Networks Clearpass Policy Manager? stack.watch will email you.
Affected Versions
Hewlett Packard Enterprise (HPE) HPE Aruba Networking ClearPass Policy Manager:- Version 6.12.0, <= 6.12.2 is affected.
- Version 6.11.0, <= 6.11.9 is affected.
- Version 6.12.0, <= 6.12.2 is affected.
- Version 6.11.0, <= 6.11.9 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.