Remote Access to Sensitive Information via ClearPass Policy Manager Web Interface
CVE-2024-26301
6.5MEDIUM
What is CVE-2024-26301?
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with low privileges to access sensitive information. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further access to network services supported by ClearPass Policy Manager.
Affected Version(s)
Aruba ClearPass Policy Manager ClearPass Policy Manager 6.12.x: 6.12.0
Aruba ClearPass Policy Manager ClearPass Policy Manager 6.12.x: 6.12.0
Aruba ClearPass Policy Manager ClearPass Policy Manager 6.11.x: 6.11.6 and below