CVE-2025-23059

Medium CVSS: 6.8

A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager exposes directories containing sensitive information. If exploited successfully, this vulnerability allows an authenticated remote attacker with high privileges to access and retrieve sensitive data, potentially compromising the integrity and security of the entire system.

Vendor

Arubanetworks

Product

Clearpass Policy Manager

CWE

CWE-22

Yayın Tarihi

2025-02-04 18:15:35

Güncelleme

2025-03-28 17:53:08

Source Identifier

security-alert@hpe.com

KEV Date Added

Kategoriler

CWE-22 Clearpass Policy Manager MEDIUM Arubanetworks 2025

Referanslar

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04784en_us&docLocale=en_US

Benzer Kayıtlar

Medium

CVE-2026-23810

A vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-…

Medium

CVE-2026-23811

A vulnerability in the client isolation mechanism may allow an attacker to bypass Layer 2 (L2) communication restriction…

Medium

CVE-2026-23812

A vulnerability has been identified where an attacker connecting to an access point as a standard wired or wireless clie…

Medium

CVE-2026-23601

A vulnerability has been identified in the wireless encryption handling of Wi-Fi transmissions. A malicious actor can ge…

Medium

CVE-2026-23808

A vulnerability has been identified in a standardized wireless roaming protocol that could enable a malicious actor to i…

Medium

CVE-2026-23809

A technique has been identified that adapts a known port-stealing method to Wi-Fi environments that use multiple BSSIDs.…