Threat Advisory

HPE Aruba ClearPass Security Vulnerabilities

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT
Criticality: High
[subscribe_to_unlock_form]

EXECUTIVE SUMMARY:

HPE Aruba Networking has released security updates for its ClearPass Policy Manager (CPPM) to address multiple vulnerabilities, including CVE-2025-23058, an authenticated broken access control flaw that could allow low-privileged attackers to access administrative functions. Additional vulnerabilities involve sensitive information disclosure and authenticate remote command injection.[/subscribe_to_unlock_form]

EXECUTIVE SUMMARY:

HPE Aruba Networking has released security updates for its ClearPass Policy Manager (CPPM) to address multiple vulnerabilities, including CVE-2025-23058, an authenticated broken access control flaw that could allow low-privileged attackers to access administrative functions. Additional vulnerabilities involve sensitive information disclosure and authenticate remote command injection.[emaillocker id="1283"]

  • CVE-2025-23058: It is a broken access control vulnerability in HPE Aruba ClearPass Policy Manager. It allows a low-privileged authenticated attacker to gain access to administrative functions, potentially leading to unauthorized changes in network policies. This vulnerability has a high severity rating.
  • CVE-2024-7348: It affects the PostgreSQL component in ClearPass Policy Manager. It could allow an attacker to execute arbitrary SQL code, potentially leading to data manipulation or further exploitation.
  • CVE-2025-23060: It is a remote command injection vulnerability that requires authentication. Attackers who exploit this flaw could execute system commands remotely, which may lead to complete system compromise.
  • CVE-2025-23059: It involves the exposure of sensitive information due to improper access controls. An attacker with limited privileges could exploit this flaw to retrieve sensitive system or user data, which could be leveraged for further attacks.
  • CVE-2025-25039: It is another security issue in ClearPass Policy Manager, though specific details on its impact are not fully disclosed. However, it is likely related to authentication bypass or privilege escalation, adding to the overall security risks.

Recommended actions include disabling read-only access, restricting management interfaces to dedicated VLANs or firewall-controlled zones, monitoring logs for suspicious activity, and applying PostgreSQL security updates if applicable.

RECOMMENDATION:

  • We recommend to upgrade to patched version 6.12.4+ and 6.11.10+.

REFERENCES:

The following reports contain further technical details:
https://securityonline.info/hpe-aruba-networking-issues-security-updates-for-clearpass-policy-manager/

[/emaillocker]
crossmenu