CVE-2017-9001
HIGH
Aruba ClearPass Policy Manager 6.6.3-6.6.8 - Unauthenticated Remote Code Execution via SSH Lockout Feature
Title source: llm
Description
Aruba ClearPass 6.6.3 and later includes a feature called "SSH Lockout", which causes ClearPass to lock accounts with too many login failures through SSH. When this feature is enabled, an unauthenticated remote command execution vulnerability is present which could allow an unauthenticated user to execute arbitrary commands on the underlying operating system with "root" privilege level. This vulnerability is only present when a specific feature has been enabled. The SSH Lockout feature is not enabled by default, so only systems which have enabled this feature are vulnerable.
References (1)
Core References
Mitigation, Vendor Advisory x_refsource_confirm
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-004.txt
Scores
CVSS v3
8.1
EPSS
0.0201
EPSS Percentile
83.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (1)
hp/aruba_clearpass_policy_manager
6.6.3 - 6.6.8
Published
Aug 06, 2018
Tracked Since
Feb 18, 2026