Vulnerabilities in the web-based management interface of ClearPass Policy Manager allow an attacker with read-only privileges to perform actions that change the state of the ClearPass Policy Manager instance. Successful exploitation of these vulnerabilities allow an attacker to complete state-changing actions in the web-based management interface that should not be allowed by their current level of authorization on the platform.
Advisories
Source ID Title
EUVD EUVD EUVD-2023-47914 Vulnerabilities in the web-based management interface of ClearPass Policy Manager allow an attacker with read-only privileges to perform actions that change the state of the ClearPass Policy Manager instance. Successful exploitation of these vulnerabilities allow an attacker to complete state-changing actions in the web-based management interface that should not be allowed by their current level of authorization on the platform.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: hpe

Published:

Updated: 2024-09-11T14:29:44.188Z

Reserved: 2023-09-19T14:41:06.499Z

Link: CVE-2023-43508

cve-icon Vulnrichment

Updated: 2024-08-02T19:44:43.231Z

cve-icon NVD

Status : Modified

Published: 2023-10-25T18:17:31.990

Modified: 2024-11-21T08:24:10.990

Link: CVE-2023-43508

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.