CVE-2015-4650

Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to gain shell access and execute arbitrary code with root privileges via unspecified vectors.

Published: Oct 16, 2017
Updated: Apr 13, 2023
CVE: CVE-2015-4650
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
arubanetworks / clearpass_policy_manager	6.5.0	6.5.0.x
arubanetworks / clearpass_policy_manager	6.5.1	6.5.1.x
arubanetworks / clearpass_policy_manager	-	6.4.6.x

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-009.txt
http://www.securityfocus.com/bid/76115

Vulnerability Database

289,784

CVE-2015-4650