end users are advised to upgrade their Aruba ClearPass Policy Manager software to the latest version to address these issues. Vulnerability details CVE-2019-1932 The ClearPass Policy Manager web-based interface does not restrict the installation of custom scripts, allowing attackers to execute arbitrary code on the underlying host.
The ClearPass Policy Manager web-based interface does not restrict the installation of custom scripts, allowing attackers to execute arbitrary code on the underlying host. CVE-2019-1933 The ClearPass Policy Manager web-based interface does not restrict the installation of custom scripts, allowing attackers to execute arbitrary code on the underlying host.The ClearPass Policy Manager web-based interface does not restrict the installation of custom scripts, allowing attackers to execute arbitrary code on the underlying host. CVE-2019-1934 The ClearPass Policy Manager web-based interface does not restrict the installation of custom scripts, allowing attackers to execute arbitrary code on the underlying host.The ClearPass Policy Manager web-based interface does not restrict the installation of custom scripts, allowing attackers to execute arbitrary code on the underlying host. CVE-2019-1935 The ClearPass Policy Manager web-based interface does not restrict the installation of custom scripts, allowing attackers to execute arbitrary code on the underlying host

ClearPass Policy Manager Architecture

ClearPass Policy Manager, deployed in a DMZ environment, is comprised of two components. The first component is the ClearPass Policy Manager Server, which has the role of managing and configuring the system. The second component is the ClearPass Policy Manager Web Interface which acts as a GUI for policy management.
The ClearPass Policy Manager web interface contains a script-installation mechanism that allows administrators to install any number of custom scripts into their network. These scripts are typically used to provide services like authentication, logging, or data visualization.
These scripts are installed by installing them from the web interface without requiring administrator credentials on all hosts within the network . This allows attackers to install malicious code on all hosts using this mechanism without needing admin privileges or physical access to any host in order to exploit vulnerability CVE-2019-1932 and others related to vulnerable scripts on all hosts controlled by this interface across the entire network.

High Confidence Domain Specific Knowledge

An attacker who has compromised a ClearPass Policy Manager system can use the interface to install custom scripts on the underlying host. This could be used to execute arbitrary code with high confidence.

ClearPass Policy Manager Installation and Configuration Tasks

Aruba ClearPass Policy Manager is a powerful and flexible web-based enterprise policy management (EPM) solution. It can be used with an Aruba Mobility Controller, Aruba Wireless Controller, or a combination of both controllers to provide centralized policy control for up to 1,000 wireless access points.
ClearPass Policy Manager is designed to meet the needs of organizations looking for a comprehensive EPM solution that can support multiple types of users including IT administrators, supervisors, engineers, and building managers from across their organization. This product provides centralized site-to-site VPN administration; as well as offloading policy enforcement from the controller to the cloud.

Timeline

Published on: 09/20/2022 20:15:00 UTC
Last modified on: 09/21/2022 22:48:00 UTC

References