CVE-2023-43509

CVSS 3.1 Score 5.8 of 10 (medium)

Details

Published Oct 25, 2023

Updated: Nov 1, 2023

Summary

CVE-2023-43509 is a vulnerability affecting ClearPass Policy Manager's web-based interface. An unauthenticated remote attacker can exploit this flaw to send notifications to computers utilizing ClearPass OnGuard. These notifications serve as a phishing tool, allowing attackers to manipulate users into downloading harmful software or revealing sensitive information.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Clearpass Policy Manager

Affected Vendors

Aruba Networks

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/suzdXW
https://www.cve.org/CVERecord?id=CVE-2023-43509
https://nvd.nist.gov/vuln/detail/CVE-2023-43509

Back to Vulnerability Database