CVE-2017-9001
Last modified
CVE-2017-9001 is a vulnerability of currently unknown severity. Aruba ClearPass 6.6.3 and later includes a feature called "SSH Lockout", which causes ClearPass to lock accounts with too many login failures through SSH. When this feature is enabled, an unauthenticated remote command execution vulnerability is present which could allow an unauthenticated user to execute arbitrary commands on the underlying operating system with "root" privilege level. EPSS estimates a 7.31% chance of exploitation in the next 30 days.
Description
Aruba ClearPass 6.6.3 and later includes a feature called "SSH Lockout", which causes ClearPass to lock accounts with too many login failures through SSH. When this feature is enabled, an unauthenticated remote command execution vulnerability is present which could allow an unauthenticated user to execute arbitrary commands on the underlying operating system with "root" privilege level. This vulnerability is only present when a specific feature has been enabled. The SSH Lockout feature is not enabled by default, so only systems which have enabled this feature are vulnerable.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Hp | Aruba Clearpass Policy Manager | >= 6.6.3, < 6.6.8 |
References
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-004.txtMitigation, Vendor Advisory
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-004.txtMitigation, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-9001?
How severe is CVE-2017-9001?
How do I fix CVE-2017-9001?
Are you affected by CVE-2017-9001?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST