## https://sploitus.com/exploit?id=SAINT:F0910F9682FDBEEE637DA9FD62F5F6AD
Added: 08/13/2020
CVE: [CVE-2020-7115](<https://vulners.com/cve/CVE-2020-7115>)
### Background
[Aruba ClearPass](<https://www.arubanetworks.com/products/security/network-access-control/>) is a network access control solution.
### Problem
A vulnerability in the `**tipsSimulationUpload.action**` resource allows remote attackers to execute arbitrary commands by uploading a shared object library in the `**uploadClientCertFile**` parameter.
### Resolution
Upgrade ClearPass Policy Manager to version 6.7.13-HF, 6.8.5-HF, 6.8.6, or 6.9.1 or higher.
### References
<https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-005.txt>
### Platforms
Linux