Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
clearpass policy manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-43530
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote malicious user to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modif...
Arubanetworks Clearpass Policy Manager
6.8
CVSSv2
CVE-2018-7063
In Aruba ClearPass, disabled API admins can still perform read/write operations. In certain circumstances, API admins in ClearPass which have been disabled may still be able to perform read/write operations on parts of the XML API. This can lead to unauthorized access to the API ...
Arubanetworks Clearpass Policy Manager
6.5
CVSSv2
CVE-2018-7065
An authenticated SQL injection vulnerability in Aruba ClearPass Policy Manager can lead to privilege escalation. All versions of ClearPass are affected by multiple authenticated SQL injection vulnerabilities. In each case, an authenticated administrative user of any type could ex...
Arubanetworks Clearpass Policy Manager
9.3
CVSSv2
CVE-2018-7066
An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. The ClearPass OnConnect feature permits administrators to link other network devices into ClearPass for the purpose of collecting enhanced information about connected endpoints...
Arubanetworks Clearpass Policy Manager
6.5
CVSSv2
CVE-2018-7067
A Remote Authentication bypass in Aruba ClearPass Policy Manager leads to complete cluster compromise. An authentication flaw in all versions of ClearPass could allow an malicious user to compromise the entire cluster through a specially crafted API call. Network access to the ad...
Arubanetworks Clearpass Policy Manager
3.5
CVSSv2
CVE-2015-4132
Multiple cross-site scripting (XSS) vulnerabilities in Aruba Networks ClearPass Policy Manager (CPPM) prior to 6.4.5 allow remote administrators to inject arbitrary web script or HTML via unspecified vectors.
Arubanetworks Clearpass Policy Manager
9
CVSSv2
CVE-2020-7116
The ClearPass Policy Manager WebUI administrative interface has an authenticated command remote execution. When the attacker is already authenticated to the administrative interface, they could then exploit the system, leading to remote command execution in the underlying operati...
Arubanetworks Clearpass Policy Manager
9
CVSSv2
CVE-2020-7117
The ClearPass Policy Manager WebUI administrative interface has an authenticated command remote execution. When the attacker is already authenticated to the administrative interface, they could then exploit the system, leading to remote command execution in the underlying operati...
Arubanetworks Clearpass Policy Manager
4.6
CVSSv2
CVE-2020-7120
A local authenticated buffer overflow vulnerability exists in Aruba ClearPass Policy Manager version(s): before 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in ClearPass OnGuard could allow local authenticated users to cause a buffer overflow condition. A successful exploit coul...
Arubanetworks Clearpass Policy Manager
7.2
CVSSv2
CVE-2020-7123
A local escalation of privilege vulnerability exists in Aruba ClearPass Policy Manager version(s) before 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability.
Arubanetworks Clearpass Policy Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »