CVE-2024-5486

MEDIUM

ClearPass Policy Manager - Info Disclosure

Title source: llm

Description

A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further access to network services supported by ClearPass Policy Manager

References (1)

Core 1

Core References

Vendor Advisory

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04675en_us&docLocale=en_US

Scores

CVSS v3 5.8

EPSS 0.0040

EPSS Percentile 61.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

Status published

Products (3)

arubanetworks/clearpass_policy_manager 6.12.0

arubanetworks/clearpass_policy_manager 6.12.1

arubanetworks/clearpass_policy_manager 6.11 - 6.11.8

Published Jul 30, 2024

Tracked Since Feb 18, 2026