Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arubanetworks clearpass vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-7063
In Aruba ClearPass, disabled API admins can still perform read/write operations. In certain circumstances, API admins in ClearPass which have been disabled may still be able to perform read/write operations on parts of the XML API. This can lead to unauthorized access to the API ...
Arubanetworks Clearpass Policy Manager
6.8
CVSSv2
CVE-2018-7060
Aruba ClearPass 6.6.x before 6.6.9 and 6.7.x before 6.7.1 is vulnerable to CSRF attacks against authenticated users. An attacker could manipulate an authenticated user into performing actions on the web administrative interface.
Arubanetworks Clearpass
6.8
CVSSv2
CVE-2015-3655
Cross-site request forgery (CSRF) vulnerability in Aruba Networks ClearPass Policy Manager prior to 6.4.7 and 6.5.x prior to 6.5.2 allows remote malicious users to hijack the authentication of administrators by leveraging improper enforcement of the anti-CSRF token.
Arubanetworks Clearpass
6.8
CVSSv2
CVE-2014-6624
The Insight module in Aruba Networks ClearPass prior to 6.3.6 and 6.4.x prior to 6.4.1 allows remote authenticated users to read arbitrary files via unspecified vectors.
Arubanetworks Clearpass
Arubanetworks Clearpass 6.4.0
6.5
CVSSv2
CVE-2022-23669
A remote authorization bypass vulnerability exists in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.
Arubanetworks Clearpass Policy Manager
Arubanetworks Clearpass Policy Manager 6.8.9
6.5
CVSSv2
CVE-2022-23667
A authenticated remote command injection vulnerability exists in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.
Arubanetworks Clearpass Policy Manager 6.8.9
Arubanetworks Clearpass Policy Manager
6.5
CVSSv2
CVE-2021-40995
A remote arbitrary command execution vulnerability exists in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x before 6.10.2 - - ClearPass Policy Manager 6.9.x before 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x before 6.8.9-HF1. Aruba has released patche...
Arubanetworks Clearpass Policy Manager
Arubanetworks Clearpass Policy Manager 6.8.9
Arubanetworks Clearpass Policy Manager 6.9.7
6.5
CVSSv2
CVE-2021-40991
A remote disclosure of sensitive information vulnerability exists in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x before 6.10.2 - - ClearPass Policy Manager 6.9.x before 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x before 6.8.9-HF1. Aruba has release...
Arubanetworks Clearpass Policy Manager
Arubanetworks Clearpass Policy Manager 6.8.9
Arubanetworks Clearpass Policy Manager 6.9.7
6.5
CVSSv2
CVE-2021-40994
A remote arbitrary command execution vulnerability exists in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x before 6.10.2 - - ClearPass Policy Manager 6.9.x before 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x before 6.8.9-HF1. Aruba has released patche...
Arubanetworks Clearpass Policy Manager
Arubanetworks Clearpass Policy Manager 6.8.9
Arubanetworks Clearpass Policy Manager 6.9.7
6.5
CVSSv2
CVE-2021-40992
A remote SQL injection vulnerability exists in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x before 6.10.2 - - ClearPass Policy Manager 6.9.x before 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x before 6.8.9-HF1. Aruba has released patches for ClearPas...
Arubanetworks Clearpass Policy Manager
Arubanetworks Clearpass Policy Manager 6.8.9
Arubanetworks Clearpass Policy Manager 6.9.7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »