{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23599", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "state": "PUBLISHED", "assignerShortName": "hpe", "dateReserved": "2026-01-14T15:40:17.991Z", "datePublished": "2026-02-17T23:04:36.463Z", "dateUpdated": "2026-02-18T13:43:12.492Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "HPE Aruba Networking ClearPass Policy Manager", "vendor": "Hewlett Packard Enterprise (HPE)", "versions": [{"lessThanOrEqual": "6.12.7", "status": "affected", "version": "6.12.0", "versionType": "semver"}, {"lessThanOrEqual": "6.11.13", "status": "affected", "version": "6.11.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "HPE Aruba Networking Engineering Team"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking ClearPass OnGuard Software for Linux. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges.</p>"}], "value": "A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking ClearPass OnGuard Software for Linux. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2026-02-17T23:04:36.463Z"}, "references": [{"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05012en_us&docLocale=en_US"}], "source": {"advisory": "HPESBNW05012", "discovery": "INTERNAL"}, "title": "Local Privilege Escalation Vulnerability in HPE Aruba Networking Clear Pass Policy Manager OnGuard for Linux", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-269", "lang": "en", "description": "CWE-269 Improper Privilege Management"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-18T13:42:19.699413Z", "id": "CVE-2026-23599", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-18T13:43:12.492Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-23599", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-18T13:42:19.699413Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-18T13:42:32.234Z"}}], "cna": {"title": "Local Privilege Escalation Vulnerability in HPE Aruba Networking Clear Pass Policy Manager OnGuard for Linux", "source": {"advisory": "HPESBNW05012", "discovery": "INTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "value": "HPE Aruba Networking Engineering Team"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Hewlett Packard Enterprise (HPE)", "product": "HPE Aruba Networking ClearPass Policy Manager", "versions": [{"status": "affected", "version": "6.12.0", "versionType": "semver", "lessThanOrEqual": "6.12.7"}, {"status": "affected", "version": "6.11.0", "versionType": "semver", "lessThanOrEqual": "6.11.13"}], "defaultStatus": "affected"}], "references": [{"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05012en_us&docLocale=en_US"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking ClearPass OnGuard Software for Linux. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges.", "supportingMedia": [{"type": "text/html", "value": "<p>A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking ClearPass OnGuard Software for Linux. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges.</p>", "base64": false}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2026-02-17T23:04:36.463Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23599", "state": "PUBLISHED", "dateUpdated": "2026-02-18T13:43:12.492Z", "dateReserved": "2026-01-14T15:40:17.991Z", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "datePublished": "2026-02-17T23:04:36.463Z", "assignerShortName": "hpe"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking ClearPass OnGuard Software for Linux. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges."}, {"lang": "es", "value": "Una vulnerabilidad de escalada local de privilegios ha sido descubierta en el software HPE Aruba Networking ClearPass OnGuard para Linux. La explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda permitir a un atacante local lograr ejecuci\u00f3n de c\u00f3digo arbitrario con privilegios de root."}], "id": "CVE-2026-23599", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "security-alert@hpe.com", "type": "Secondary"}]}, "published": "2026-02-18T00:16:18.833", "references": [{"source": "security-alert@hpe.com", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05012en_us&docLocale=en_US"}], "sourceIdentifier": "security-alert@hpe.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[6.12.0,6.12.7]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[6.11.0,6.11.13]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "HPE Aruba Networking ClearPass Policy Manager", "source": "cna", "vendor": "Hewlett Packard Enterprise (HPE)"}, "product": "aruba_networking_clearpass_policy_manager", "vendor": "hpe"}], "analysis": {"en": {"generated_at": "2026-04-18T12:00:52.848617+00:00", "value": {"mitigation_remediation": ["Apply the latest HPE Aruba ClearPass OnGuard Software update that addresses the local privilege escalation flaw, as specified in HPE support documentation.", "Limit local user accounts to those strictly necessary for operation, disabling unused accounts and services that could be abused for local code execution.", "Enforce strict access controls on the system, including the principle of least privilege for all local users and careful monitoring of privileged activity."], "summary": {"action": "Immediate Patch", "impact": "Local Privilege Escalation"}, "threat_synthesis": {"affected_systems": "The affected product is Hewlett Packard Enterprise's HPE Aruba Networking ClearPass Policy Manager on Linux. No specific version range is provided in the advisory, so all deployments of this product remain potentially vulnerable until a patch is applied.", "description_and_impact": "A local privilege escalation vulnerability exists in HPE Aruba Networking ClearPass Policy Manager for Linux. The flaw allows a local attacker to execute arbitrary code with root privileges, effectively giving them full control over the system. The weakness aligns with CWE\u2011269, an authentication or authorization flaw that permits a compromised local account to gain higher privileges.", "risk_and_exploitability": "This vulnerability has a CVSS score of 7.8, classifying it as high severity. The EPSS score is less than 1\u202f%, indicating a very low likelihood of exploitation in the wild, and it is not listed in the CISA KEV catalog. The exploitation vector is local: an attacker must already have physical or local console access to the device. This inference is drawn from the description which states it is a local privilege escalation vulnerability. Because compromise grants root privileges, the impact is severe for confidentiality, integrity, and availability of the affected system."}}}}, "created": "2026-02-18T10:33:01.964346+00:00", "updated": "2026-04-18T12:15:15.767378+00:00", "vendors": ["hpe", "hpe$PRODUCT$aruba_networking_clearpass_policy_manager"]}