CVE-2024-41916

Published: Jul 30, 2024Modified: Nov 21, 2024

4.9

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.2 / Impact: 3.6

Source: NVD

Description

A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further access to network services supported by ClearPass Policy Manager.

Affected (3)

Products: Arubanetworks: Clearpass Policy Manager

Arubanetworks

1 product

Clearpass Policy Manager

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Arubanetworks Clearpass Policy Manager	Up to 6.11.8
Arubanetworks Clearpass Policy Manager	Version 6.12.0
Arubanetworks Clearpass Policy Manager	Version 6.12.1

References (2)

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04675en_us&docLocale=en_US

Source: security-alert@hpe.com

Vendor Advisory

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04675en_us&docLocale=en_US

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.