CVE-2023-43507

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Oct 25, 2023

Updated: Nov 1, 2023

CWE ID 89

Summary

CVE-2023-43507 is a vulnerability affecting ClearPass Policy Manager's web-based interface. An authenticated attacker can exploit this flaw to conduct SQL injection attacks, enabling them to gain unauthorized access to sensitive information in the underlying database. This vulnerability poses a significant risk, potentially leading to a complete compromise of the ClearPass Policy Manager cluster.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Clearpass Policy Manager

Affected Vendors

Aruba Networks

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/suzdXq
https://www.cve.org/CVERecord?id=CVE-2023-43507
https://nvd.nist.gov/vuln/detail/CVE-2023-43507

Back to Vulnerability Database