{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"","content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n\n## Contournement provisoire\n\n-   ClearPass Policy Manager versions 6.11.x ant\u00e9rieures \u00e0 6.11.5\n-   ClearPass Policy Manager versions 6.10.x ant\u00e9rieures \u00e0 6.10.8 Hotfix\n    Q4 2023\n-   ClearPass Policy Manager versions 6.9.x ant\u00e9rieures \u00e0 6.9.13 Hotfix\n    Q4 2023\n\nL'\u00e9diteur pr\u00e9cise que les versions ant\u00e9rieures ayant atteint leur date\nde fin de maintenance peuvent \u00eatre affect\u00e9es par ces vuln\u00e9rabilit\u00e9s.\n","cves":[{"name":"CVE-2023-43507","url":"https://www.cve.org/CVERecord?id=CVE-2023-43507"},{"name":"CVE-2023-43508","url":"https://www.cve.org/CVERecord?id=CVE-2023-43508"},{"name":"CVE-2023-43509","url":"https://www.cve.org/CVERecord?id=CVE-2023-43509"},{"name":"CVE-2023-43510","url":"https://www.cve.org/CVERecord?id=CVE-2023-43510"},{"name":"CVE-2023-43506","url":"https://www.cve.org/CVERecord?id=CVE-2023-43506"}],"links":[],"reference":"CERTFR-2023-AVI-0884","revisions":[{"description":"Version initiale","revision_date":"2023-10-25T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Aruba ClearPass\nPolicy Manager. Elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un contournement de la\npolitique de s\u00e9curit\u00e9 et une \u00e9l\u00e9vation de privil\u00e8ges.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Aruba ClearPass Policy Manager","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Aruba ARUBA-PSA-2023-016 du 24 octobre 2023","url":"https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-016.txt"}]}