CVE-2024-51772

An authenticated RCE vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.

Published: Dec 3, 2024
Updated: May 4, 2025
CVE: CVE-2024-51772
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8
AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
arubanetworks / clearpass_policy_manager	6.11.0	6.11.10
arubanetworks / clearpass_policy_manager	6.12.0	6.12.3

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04761en_us&docLocale=en_US

Vulnerability Database

289,697

CVE-2024-51772