cve/2020/CVE-2020-7115.md

### [CVE-2020-7115](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7115)
![](https://img.shields.io/static/v1?label=Product&message=ClearPass%20Policy%20Manager&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Unauthenticated%20Remote%20Command%20Execution%20in%20the%20Web%20Interface&color=brighgreen)

### Description

The ClearPass Policy Manager web interface is affected by a vulnerability that leads to authentication bypass. Upon successful bypass an attacker could then execute an exploit that would allow to remote command execution in the underlying operating system. Resolution: Fixed in 6.7.13-HF, 6.8.5-HF, 6.8.6, 6.9.1 and higher.

### POC

#### Reference
- http://packetstormsecurity.com/files/158368/ClearPass-Policy-Manager-Unauthenticated-Remote-Command-Execution.html
- http://packetstormsecurity.com/files/158368/ClearPass-Policy-Manager-Unauthenticated-Remote-Command-Execution.html

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Live-Hack-CVE/CVE-2020-7115
- https://github.com/Retr02332/CVE-2020-7115
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/soosmile/POC
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2020-7115](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7115)`
			`![](https://img.shields.io/static/v1?label=Product&message=ClearPass%20Policy%20Manager&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Unauthenticated%20Remote%20Command%20Execution%20in%20the%20Web%20Interface&color=brighgreen)`

			`### Description`

			`The ClearPass Policy Manager web interface is affected by a vulnerability that leads to authentication bypass. Upon successful bypass an attacker could then execute an exploit that would allow to remote command execution in the underlying operating system. Resolution: Fixed in 6.7.13-HF, 6.8.5-HF, 6.8.6, 6.9.1 and higher.`

			`### POC`

			`#### Reference`
			`- http://packetstormsecurity.com/files/158368/ClearPass-Policy-Manager-Unauthenticated-Remote-Command-Execution.html`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- http://packetstormsecurity.com/files/158368/ClearPass-Policy-Manager-Unauthenticated-Remote-Command-Execution.html`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00
			`#### Github`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/Live-Hack-CVE/CVE-2020-7115`
			`- https://github.com/Retr02332/CVE-2020-7115`
			`- https://github.com/nomi-sec/PoC-in-GitHub`
			`- https://github.com/soosmile/POC`