{ "document": { "aggregate_severity": { "namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale", "text": "High" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en-US", "notes": [ { "category": "summary", "text": "HPE Aruba Networking has released updates to the ClearPass Policy Manager OnGuard Software for Linux to address a local privilege escalation vulnerability.", "title": "Summary" }, { "category": "general", "text": "This vulnerability affects HPE Aruba Networking ClearPass Policy Manager OnGuard for Linux running the following software versions unless specifically noted otherwise in the details section: \n \nHPE Aruba Networking ClearPass Policy Manager \n - 6.12.x: ClearPass 6.12.7 and below \n - 6.11.x: ClearPass 6.11.13 and below \n \nHPE Aruba Networking ClearPass Policy Manager software versions that have reached end of life are affected by the disclosed vulnerability unless otherwise indicated. ", "title": "Affected Products" }, { "category": "general", "text": "Any other HPE Aruba Networking products not specifically listed above are not affected by this vulnerability.", "title": "Unaffected Products" }, { "category": "other", "text": "HPE Aruba Networking is not aware of any public discussion or exploit code that targets this specific vulnerability as of the release date of the advisory.", "title": "Exploitation and Public Discussion" }, { "category": "general", "text": "Complete information on reporting security vulnerabilities in HPE Networking products and obtaining assistance with security incidents is available at http://www.hpe.com/support/security-response-policy. For reporting NEW HPE Networking security issues, email can be sent to aruba-sirt@hpe.com. For sensitive information we encourage the use of PGP encryption. Our public keys can be found at https://www.hpe.com/info/psrt-pgp-key.", "title": "Aruba SIRT Security Procedures" }, { "category": "legal_disclaimer", "text": "((c) Copyright 2026 by Hewlett Packard Enterprise Development LP. This advisory may be redistributed freely after the release date given at the top of the text, provided that the redistributed copies are complete and unmodified, including all data and version information.", "title": "Legal Disclaimer" }, { "category": "general", "text": "For general information on hardening HPE Aruba Networking ClearPass Policy Manager instances against security threats please see the ClearPass Policy Manager Hardening Guide. \n \nHPE Aruba Networking ClearPass Policy Manager Hardening Guides\n - For the 6.12.x branch, the Hardening Guide is available at https://arubanetworking.hpe.com/techdocs/ClearPass/6.12/PolicyManager/Content/Hardening/Introduction.htm\n \n - For the 6.11.x branch, the Hardening Guide is available at https://arubanetworking.hpe.com/techdocs/ClearPass/6.11/PolicyManager/Content/Hardening/Introduction.htm", "title": "ClearPass Policy Manager Security Hardening" } ], "publisher": { "category": "vendor", "contact_details": "Email: aruba-sirt(at)hpe.com - For further details please see http://www.hpe.com/support/security-response-policy", "issuing_authority": "HPE Aruba Networking's Security Incident Response Team (SIRT) is responsible for receiving, tracking, managing, and disclosing vulnerabilities in HPE Aruba Networking products. The HPE Aruba Networking SIRT actively works with industry, non-profit, government organizations, and the security community when vulnerabilities are reported. A security vulnerability is defined as any weakness in a product that allows an attacker to compromise the confidentiality, integrity, or availability of a product, customer infrastructure, or IT system through an HPE Aruba Networking product in that environment.", "name": "HPE Aruba Networking", "namespace": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00100637en_us" }, "references": [ { "summary": "Original Advisory", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05012en_us&docLocale=en_US" }, { "summary": "HPE Aruba Networking Security Advisory Archive", "url": "https://csaf.arubanetworking.hpe.com/" }, { "summary": "HPE Aruba Networking Product Security Incident Response Policy", "url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00100637en_us" } ], "title": "Local Privilege Escalation Vulnerability in HPE Aruba Networking Clear Pass Policy Manager (CPPM) OnGuard Software for Linux", "tracking": { "current_release_date": "2026-02-17T22:00:00.000Z", "generator": { "date": "2026-02-17T22:44:40.989Z", "engine": { "name": "Secvisogram", "version": "2.5.43" } }, "id": "HPESBNW05012", "initial_release_date": "2026-02-17T22:00:00.000Z", "revision_history": [ { "date": "2025-09-17T21:00:00.000Z", "number": "1", "summary": "Initial Release" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "ClearPass 6.11.13 Hotfix Patch for CVE-2026-23599", "product": { "name": "ClearPass Policy Manager", "product_id": "ClearPass 6.11.13 Hotfix Patch for CVE-2026-23599" } }, { "category": "product_version", "name": "ClearPass 6.12.7 Hotfix Patch for CVE-2026-23599", "product": { "name": "ClearPass Policy Manager", "product_id": "ClearPass 6.12.7 Hotfix Patch for CVE-2026-23599" } }, { "category": "product_version_range", "name": "vers:semver/>=6.12.0|<=6.12.7", "product": { "name": "ClearPass Policy Manager", "product_id": ">=6.12.0|<=6.12.7" } }, { "category": "product_version_range", "name": "vers:semver/>=6.11.0|<=6.11.13", "product": { "name": "ClearPass Policy Manager", "product_id": ">=6.11.0|<=6.11.13" } } ], "category": "product_name", "name": "ClearPass Policy Manager" } ], "category": "vendor", "name": "HPE Aruba Networking" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "organization": "Hewlett Packard Enterprise (HPE)", "summary": "This vulnerability was internally discovered and reported by the Engineering team of HPE Aruba Networking." } ], "cve": "CVE-2026-23599", "notes": [ { "category": "details", "text": "A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking ClearPass OnGuard Software for Linux. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges.", "title": "Details" }, { "category": "other", "text": "VULN-207", "title": "Internal Reference" } ], "product_status": { "fixed": [ "ClearPass 6.11.13 Hotfix Patch for CVE-2026-23599", "ClearPass 6.12.7 Hotfix Patch for CVE-2026-23599" ], "known_affected": [ ">=6.12.0|<=6.12.7", ">=6.11.0|<=6.11.13" ] }, "remediations": [ { "category": "vendor_fix", "date": "2026-02-17T22:00:00.000Z", "details": "Upgrade HPE Aruba Networking ClearPass Policy Manager to one of the following versions to remediate the vulnerability noted in the Details section. \n \nHPE Aruba Networking ClearPass Policy Manager\n - 6.12.x: ClearPass 6.12.7 Hotfix Patch for CVE-2026-23599 and above.\n - 6.11.x: ClearPass 6.11.13 Hotfix Patch for CVE-2026-23599 and above. \n \nSoftware versions with resolution/fixes for the vulnerability covered above can be downloaded from the HPE Networking Support Portal at https://networkingsupport.hpe.com/downloads;fileTypes=SOFTWARE.\n \nSupported versions as of the publication date of this advisory are: \n - HPE Aruba Networking ClearPass Policy Manager 6.12.x \n - HPE Aruba Networking ClearPass Policy Manager 6.11.x \n \nHPE Aruba Networking does not evaluate or patch software branches that \nhave reached their End of Maintenance (EoM) milestone. For more information about HPE Aruba Networking End of Life policy please visit https://www.hpe.com/psnow/doc/a00143052enw.", "product_ids": [ ">=6.12.0|<=6.12.7", ">=6.11.0|<=6.11.13" ], "url": "https://networkingsupport.hpe.com/home/" }, { "category": "workaround", "date": "2026-02-17T22:00:00.000Z", "details": "To minimize the likelihood of an attacker exploiting this vulnerability, HPE Aruba Networking recommends that the web-based management interfaces be restricted to a dedicated layer 2 segment/VLAN and/or controlled by firewall policies at layer 3 and above. You may contact HPE Services Aruba Networking for any configuration assistance if needed.", "product_ids": [ ">=6.12.0|<=6.12.7", ">=6.11.0|<=6.11.13" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "environmentalScore": 7.8, "environmentalSeverity": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "temporalScore": 7.8, "temporalSeverity": "HIGH", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ ">=6.12.0|<=6.12.7", ">=6.11.0|<=6.11.13" ] } ], "title": "Local Privilege Escalation Vulnerability in HPE Aruba Networking Clear Pass Policy Manager OnGuard for Linux" } ] }