{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T07:55:57.158","vulnerabilities":[{"cve":{"id":"CVE-2025-25039","sourceIdentifier":"security-alert@hpe.com","published":"2025-02-04T19:15:33.977","lastModified":"2025-03-28T17:37:36.690","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager (CPPM) allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a lower privileged user on the underlying operating system."},{"lang":"es","value":"Una vulnerabilidad en la interfaz de administración basada en web de HPE Aruba Networking ClearPass Policy Manager (CPPM) permite que usuarios remotos autenticados ejecuten comandos arbitrarios en el host subyacente. Una explotación exitosa podría permitir que un atacante ejecute comandos arbitrarios como un usuario con privilegios inferiores en el sistema operativo subyacente sistema."}],"metrics":{"cvssMetricV31":[{"source":"security-alert@hpe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":3.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"6.11.0","versionEndExcluding":"6.11.10","matchCriteriaId":"2788E2CB-BCF1-4FAB-BB44-9C82649C6C00"},{"vulnerable":true,"criteria":"cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"6.12.0","versionEndExcluding":"6.12.4","matchCriteriaId":"B1F83541-D3BE-4B1F-B4F5-8A951746A27A"}]}]}],"references":[{"url":"https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04784en_us&docLocale=en_US","source":"security-alert@hpe.com","tags":["Vendor Advisory"]}]}}]}