CVE-2023-43507
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Oct 25, 2023
Updated: Nov 1, 2023
CWE ID 89
Summary
CVE-2023-43507 is a vulnerability affecting ClearPass Policy Manager's web-based interface. An authenticated attacker can exploit this flaw to conduct SQL injection attacks, enabling them to gain unauthorized access to sensitive information in the underlying database. This vulnerability poses a significant risk, potentially leading to a complete compromise of the ClearPass Policy Manager cluster.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Clearpass Policy Manager
Affected Vendors
- Aruba Networks