admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-07 13:36:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-378xx/CVE-2022-37884.json

88 lines
3.2 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2022-37884",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2022-09-20T20:15:10.367",
"lastModified": "2023-01-23T13:55:41.723",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in the ClearPass Policy Manager Guest User Interface that can allow an unauthenticated attacker to send specific operations which result in a Denial-of-Service condition. A successful exploitation of this vulnerability results in the unavailability of the guest interface in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address this security vulnerability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad en la Interfaz de Usuario de ClearPass Policy Manager Guest que puede permitir a un atacante no autenticado enviar operaciones espec\u00edficas que resulten en una condici\u00f3n de denegaci\u00f3n de servicio. Una explotaci\u00f3n con \u00e9xito de esta vulnerabilidad resulta en la indisponibilidad de la interfaz de invitado en Aruba ClearPass Policy Manager versi\u00f3n(es): 6.10.x: 6.10.6 y anteriores; 6.9.x: 6.9.11 y anteriores. Aruba ha publicado actualizaciones para Aruba ClearPass Policy Manager que abordan esta vulnerabilidad de seguridad"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9.0",
"versionEndExcluding": "6.9.12",
"matchCriteriaId": "57F180BC-B95D-4B3A-9C1C-38611C4B80C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.10.0",
"versionEndExcluding": "6.10.7",
"matchCriteriaId": "327E889C-2867-4E82-AB1A-2D47735D5EF5"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-013.txt",
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue Copy Permalink