Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
policy manager vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2021-26680
A remote authenticated command injection vulnerability exists in Aruba ClearPass Policy Manager version(s): before 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authenticated users to run arbitrary commands on the unde...
Arubanetworks Clearpass Policy Manager
Arubanetworks Clearpass Policy Manager 6.8.8
Arubanetworks Clearpass Policy Manager 6.7.14
9
CVSSv2
CVE-2021-26679
A remote authenticated command injection vulnerability exists in Aruba ClearPass Policy Manager version(s): before 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authenticated users to run arbitrary commands on the unde...
Arubanetworks Clearpass Policy Manager
Arubanetworks Clearpass Policy Manager 6.8.8
Arubanetworks Clearpass Policy Manager 6.7.14
4.3
CVSSv2
CVE-2021-26682
A remote reflected cross-site scripting (XSS) vulnerability exists in Aruba ClearPass Policy Manager version(s): before 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the guest portal interface of ClearPass could allow a remote malicious user to conduct a reflected cross-site s...
Arubanetworks Clearpass Policy Manager
Arubanetworks Clearpass Policy Manager 6.7.14
Arubanetworks Clearpass Policy Manager 6.8.8
NA
CVE-2023-43507
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote malicious user to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit this vulnerability to obtain and modify s...
Arubanetworks Clearpass Policy Manager
Arubanetworks Clearpass Policy Manager 6.9.13
Arubanetworks Clearpass Policy Manager 6.10.8
NA
CVE-2023-43508
Vulnerabilities in the web-based management interface of ClearPass Policy Manager allow an attacker with read-only privileges to perform actions that change the state of the ClearPass Policy Manager instance. Successful exploitation of these vulnerabilities allow an malicious use...
Arubanetworks Clearpass Policy Manager
Arubanetworks Clearpass Policy Manager 6.9.13
Arubanetworks Clearpass Policy Manager 6.10.8
10
CVSSv2
CVE-2015-8098
F5 BIG-IP APM 11.4.1 prior to 11.4.1 HF9, 11.5.x prior to 11.5.3, and 11.6.0 prior to 11.6.0 HF4 allow remote malicious users to cause a denial of service or execute arbitrary code via unspecified vectors related to processing a Citrix Remote Desktop connection through a virtual ...
F5 Big-ip Access Policy Manager 11.5.1
F5 Big-ip Access Policy Manager 11.6.0
F5 Big-ip Access Policy Manager 11.2.0
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager 11.4.0
F5 Big-ip Access Policy Manager 11.3.0
F5 Big-ip Access Policy Manager 11.5.0
4
CVSSv2
CVE-2016-3687
Open redirect vulnerability in F5 BIG-IP APM 11.2.1, 11.4.x, 11.5.x, and 11.6.x prior to 11.6.0 HF6 and Edge Gateway 11.2.1, when using multi-domain single sign-on (SSO), allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a bas...
F5 Big-ip Access Policy Manager 11.5.4
F5 Big-ip Access Policy Manager 11.5.3
F5 Big-ip Access Policy Manager 11.5.2
F5 Big-ip Access Policy Manager 11.5.1
F5 Big-ip Access Policy Manager 11.6.0
F5 Big-ip Access Policy Manager 11.5.0
F5 Big-ip Access Policy Manager 11.4.0
F5 Big-ip Access Policy Manager 11.4.1
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Edge Gateway 11.2.1
3.5
CVSSv2
CVE-2016-7467
The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 HF1, 11.5.4 - 11.5.4 HF2, when configured as a SAML Identity Provider with a Service Provider (SP) connector, might allow traffic to be disrupted or failover initiated when a malformed, signed SAML authenticatio...
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Access Policy Manager 12.0.0
F5 Big-ip Access Policy Manager 11.6.0
F5 Big-ip Access Policy Manager 11.5.4
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 11.6.1
3.5
CVSSv2
CVE-2017-0302
In F5 BIG-IP APM 12.0.0 up to and including 12.1.2 and 13.0.0, an authenticated user with an established access session to the BIG-IP APM system may be able to cause a traffic disruption if the length of the requested URL is less than 16 characters.
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 12.0.0
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.2
4.3
CVSSv2
CVE-2013-5976
Cross-site scripting (XSS) vulnerability in the access policy logout page (logout.inc) in F5 BIG-IP APM 10.1.0 up to and including 10.2.4 and 11.1.0 up to and including 11.3.0 allows remote malicious users to inject arbitrary web script or HTML via the LastMRH_Session cookie.
F5 Big-ip Access Policy Manager 11.1.0
F5 Big-ip Access Policy Manager 10.1.0
F5 Big-ip Access Policy Manager 11.3.0
F5 Big-ip Access Policy Manager 10.2.4
F5 Big-ip Access Policy Manager 11.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »