-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Aruba Product Security Advisory
===============================
Advisory ID: ARUBA-PSA-2020-005
CVE: CVE-2020-7115, CVE-2020-7116, CVE-2020-7117
Publication Date: 2020-Jun-02
Status: Confirmed
Revision: 1

Title
=====
ClearPass Policy Manager Multiple Vulnerabilities

Overview
========
Aruba has released updates to ClearPass Policy Manager that address
multiple security vulnerabilities.

Affected Products
=================
ClearPass 6.9.x prior to 6.9.1
ClearPass 6.8.x prior to 6.8.5-HF
ClearPass 6.7.x prior to 6.7.13-HF

Details
=======

Unauthenticated Remote Command Execution in the WebUI (CVE-2020-7115)
---------------------------------------------------------------------
The ClearPass Policy Manager web interface is affected by a vulnerability
that leads to authentication bypass. After a successful bypass, an attacker
could then execute an exploit that would allow remote command execution in
the underlying operating system.

Internal references: ATLCP-99
Severity: High
CVSSv3 Overall Score: 8.1
CVSS Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Resolution: Fixed in 6.7.13-HF, 6.8.5-HF, 6.8.6, 6.9.1 and higher

Authenticated Remote Command Execution (CVE-2020-7116, CVE-2020-7117)
---------------------------------------------------------------------
The ClearPass Policy Manager WebUI administrative interface is affected by
two vulnerabilities that affect two different functions of the application.
When the attacker is already authenticated to the administrative interface,
they could then exploit the system, leading to remote command execution in
the underlying operating system.

Internal references: ATLCP-101, ATLCP-93

CVE-2020-7116
Severity: High
CVSSv3 Overall Score: 7.2
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVE-2020-7117
Severity: Medium
CVSSv3 Overall Score: 5.0
CVSS Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Resolution: Fixed in 6.7.13-HF, 6.8.5-HF, 6.8.6, 6.9.1 and higher

Discovery: These vulnerabilities were discovered and reported by
Daniel Jensen (@dozernz), via Aruba's Bug Bounty program.

Resolution
==========
1. Upgrade ClearPass Policy Manager 6.9.x to version 6.9.1
2. Upgrade ClearPass Policy Manager 6.8.x to version 6.8.5-HF or 6.8.6
3. Upgrade ClearPass Policy Manager 6.7.x to version 6.7.13-HF

Workarounds
===========
None.

Revision History
================
Revision 1 / 2020-Jun-02 / Initial release

Aruba SIRT Security Procedures
==============================
Complete information on reporting security vulnerabilities in Aruba
Networks products and obtaining assistance with security incidents is
available at:

http://www.arubanetworks.com/support-services/security-bulletins/

For reporting *NEW* Aruba Networks security issues, email can be sent to
aruba-sirt(at)hpe.com. For sensitive information we encourage the use of
PGP encryption. Our public keys can be found at:

http://www.arubanetworks.com/support-services/security-bulletins/

(c) Copyright 2020 by Aruba, a Hewlett Packard Enterprise company.

This advisory may be redistributed freely after the release date given at
the top of the text, provided that the redistributed copies are complete
and unmodified, including all data and version information.

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEMd5pP5EnbG7Y0fo5mP4JykWFhtkFAl7VHl4ACgkQmP4JykWF
htkzDAf/V5PQKrIVttsvKw7UDXCjTS/KjgEVy4HwGP433q0rKBFXHdGV/Lkrjfm2
ir5gdrReFmIb3RQos1cnW9QvQo+v31PD215xpdfHpRXuftukfmqGlWPwxNwOEaJn
b9IlcmFGGrrBgGplVZ9JByrPzsRQIYAStRaYyGyEBIgFx0ChbEQBfz2J0ri8Td+P
0Z0KmxXwli3w+FzbGLjdiiNBctPQry2pBUcYtnpupqvyqX6toh5OV7KXKJQP8g+i
bSL9zHTFbiw/ytTxCRB8xApKdNGF/+JK2ADWzIy68NRxLB3xBobFibL/JShfBeWa
1oW0ReNd/Lqv4Kya0PSI5oixdvcKlg==
=sTOF
-----END PGP SIGNATURE-----