CVE-2020-7120

2021-02-2318:08:36

hpe

www.cve.org

5.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A local authenticated buffer overflow vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in ClearPass OnGuard could allow local authenticated users to cause a buffer overflow condition. A successful exploit could allow a local attacker to execute arbitrary code within the context the binary is running in, which is a lower privileged account.

CNA Affected

[
  {
    "product": "Aruba ClearPass Policy Manager",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1"
      }
    ]
  }
]

References

www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-004.txt