CVE-2025-25039

Published Feb 4, 2025

Last updated 18 days ago

CVSS medium 4.7

Overview

Description
A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager (CPPM) allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a lower privileged user on the underlying operating system.
Source
security-alert@hpe.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
4.7
Impact score
3.4
Exploitability score
1.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Severity
MEDIUM

Social media

Hype score
Not currently trending

  1. CVE-2025-25039 A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager (CPPM) allows remote authenticated users to run arbitrary comma… https://t.co/VxOcW1LTWf

    @CVEnew

    4 Feb 2025

    319 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References