Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
clearpass vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-4401
Aruba ClearPass Policy Manager prior to 6.5.7 and 6.6.x prior to 6.6.2 allows malicious users to obtain database credentials.
Arubanetworks Clearpass
2 Github repositories
7.2
CVSSv3
CVE-2020-7111
A server side injection vulnerability exists which could allow an authenticated administrative user to achieve Remote Code Execution in ClearPass. Resolution: Fixed in 6.7.13, 6.8.4, 6.9.0 and higher.
Arubanetworks Clearpass
4.8
CVSSv3
CVE-2020-7110
ClearPass is vulnerable to Stored Cross Site Scripting by allowing a malicious administrator, or a compromised administrator account, to save malicious scripts within ClearPass that could be executed resulting in a privilege escalation attack. Resolution: Fixed in 6.7.13, 6.8.4, ...
Arubanetworks Clearpass
4.9
CVSSv3
CVE-2020-7113
A vulnerability was found when an attacker, while communicating with the ClearPass management interface, is able to intercept and change parameters in the HTTP packets resulting in the compromise of some of ClearPass' service accounts. Resolution: Fixed in 6.7.10, 6.8.1, 6.9...
Arubanetworks Clearpass
9.8
CVSSv3
CVE-2020-7114
A vulnerability exists allowing attackers, when present in the same network segment as ClearPass' management interface, to make changes to certain databases in ClearPass by crafting HTTP packets. As a result of this attack, a possible complete cluster compromise might occur....
Arubanetworks Clearpass
8.8
CVSSv3
CVE-2015-3655
Cross-site request forgery (CSRF) vulnerability in Aruba Networks ClearPass Policy Manager prior to 6.4.7 and 6.5.x prior to 6.5.2 allows remote malicious users to hijack the authentication of administrators by leveraging improper enforcement of the anti-CSRF token.
Arubanetworks Clearpass
6.1
CVSSv3
CVE-2021-26678
A remote unauthenticated stored cross-site scripting (XSS) vulnerability exists in Aruba ClearPass Policy Manager version(s): before 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web-based management interface of ClearPass could allow an unauthenticated remote malicious us...
Arubanetworks Clearpass Policy Manager
8.1
CVSSv3
CVE-2018-7063
In Aruba ClearPass, disabled API admins can still perform read/write operations. In certain circumstances, API admins in ClearPass which have been disabled may still be able to perform read/write operations on parts of the XML API. This can lead to unauthorized access to the API ...
Arubanetworks Clearpass Policy Manager
7.2
CVSSv3
CVE-2018-7065
An authenticated SQL injection vulnerability in Aruba ClearPass Policy Manager can lead to privilege escalation. All versions of ClearPass are affected by multiple authenticated SQL injection vulnerabilities. In each case, an authenticated administrative user of any type could ex...
Arubanetworks Clearpass Policy Manager
9
CVSSv3
CVE-2018-7066
An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. The ClearPass OnConnect feature permits administrators to link other network devices into ClearPass for the purpose of collecting enhanced information about connected endpoints...
Arubanetworks Clearpass Policy Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »