What is CVE-2020-7115?

CVE-2020-7115 is a vulnerability in Clearpass Policy Manager. Published 2020-06-03.

Is CVE-2020-7115 known to be exploited?

6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Clearpass Policy Manager

CVE-2020-7115

The ClearPass Policy Manager web interface is affected by a vulnerability that leads to authentication bypass. Upon successful bypass an attacker could then execute an exploit that would allow to remote command execution in the underlying…

EPSS: 0.607 (98.3th percentile) — read the EPSS interpretation.

Affected products

N/a Clearpass Policy Manager — versions ClearPass 6.9.x prior to 6.9.1 ClearPass 6.8.x prior to 6.8.5-HF ClearPass 6.7.x prior to 6.7.13-HF

Public proof-of-concept exploits

References

www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-005.txt (x_refsource_MISC)
packetstormsecurity.com/files/158368/ClearPass-Policy-Manager-Unauthenticated-R… (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-7115?: CVE-2020-7115 is a vulnerability in Clearpass Policy Manager. Published 2020-06-03.
Is CVE-2020-7115 known to be exploited?: 6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.