CVE-2025-23059

MEDIUM Year: 2025
CVSS v3 Score
4.9
Medium
Weakness Type
CWE-22
View all →

Vulnerability Description

A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager exposes directories containing sensitive information. If exploited successfully, this vulnerability allows an authenticated remote attacker with high privileges to access and retrieve sensitive data, potentially compromising the integrity and security of the entire system.

Related Vulnerabilities

CVE-2016-10528

MEDIUM
CVSS:4.9(Medium)

restafary is a REpresentful State Transfer API for Creating, Reading, Using, Deleting files on a server from the web. Restafary before 1.6.1 is able to set up a root path, which should only allow it t...

CWE-222016

CVE-2016-4004

MEDIUM
CVSS:4.9(Medium)

Directory traversal vulnerability in Dell OpenManage Server Administrator (OMSA) 8.2 allows remote authenticated administrators to read arbitrary files via a ..\ (dot dot backslash) in the file parame...

CWE-222016

CVE-2016-4314

MEDIUM
CVSS:4.9(Medium)

Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the logFile parameter to ...

CWE-222016

CVE-2016-5092

MEDIUM
CVSS:4.9(Medium)

Directory traversal vulnerability in Fortinet FortiWeb before 5.5.3 allows remote authenticated administrators with read and write privileges to read arbitrary files by leveraging the autolearn featur...

CWE-222016

CVE-2016-7135

MEDIUM
CVSS:4.9(Medium)

Directory traversal vulnerability in Plone CMS 5.x through 5.0.6 and 4.2.x through 4.3.11 allows remote administrators to read arbitrary files via a .. (dot dot) in the path parameter in a getFile act...

CWE-222016

CVE-2017-10841

MEDIUM
CVSS:4.9(Medium)

Directory traversal vulnerability in WebCalendar 1.2.7 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors.

CWE-222017