HIGHCVE-2026-23599Published 2026-02-17Modified 2026-02-18CNA hpe

CVE-2026-23599: Local Privilege Escalation Vulnerability in HPE Aruba Networking Clear Pass Policy Manager OnGuard for Linux

A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking ClearPass OnGuard Software for Linux. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges.

CVSS v3.1: 7.8
Severity: HIGH
Fixed in: —
Affected Products: 1

Affected packages

Hewlett Packard Enterprise (HPE) / HPE Aruba Networking ClearPass Policy Manager
≤ 6.12.7 · ≤ 6.11.13

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

support.hpe.com

Metrics