Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
policy manager vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-40994
A remote arbitrary command execution vulnerability exists in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x before 6.10.2 - - ClearPass Policy Manager 6.9.x before 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x before 6.8.9-HF1. Aruba has released patche...
Arubanetworks Clearpass Policy Manager
Arubanetworks Clearpass Policy Manager 6.8.9
Arubanetworks Clearpass Policy Manager 6.9.7
10
CVSSv2
CVE-2015-4650
Aruba Networks ClearPass Policy Manager prior to 6.4.7 and 6.5.x prior to 6.5.2 allows remote malicious users to gain shell access and execute arbitrary code with root privileges via unspecified vectors.
Arubanetworks Clearpass Policy Manager 6.5.1
Arubanetworks Clearpass Policy Manager 6.5.0
Arubanetworks Clearpass Policy Manager
NA
CVE-2023-25589
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an unauthenticated remote malicious user to create arbitrary users on the platform. A successful exploit allows an malicious user to achieve total cluster compromise.
Arubanetworks Clearpass Policy Manager
Arubanetworks Clearpass Policy Manager 6.11.0
Arubanetworks Clearpass Policy Manager 6.11.1
NA
CVE-2023-25592
Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote malicious user to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit allows an malicious user to execute arbitrary s...
Arubanetworks Clearpass Policy Manager
Arubanetworks Clearpass Policy Manager 6.11.0
Arubanetworks Clearpass Policy Manager 6.11.1
NA
CVE-2023-25596
A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format. A successful exploit allows an malicious user to retrieve information which could be used to potentially gain furt...
Arubanetworks Clearpass Policy Manager
Arubanetworks Clearpass Policy Manager 6.11.0
Arubanetworks Clearpass Policy Manager 6.11.1
10
CVSSv2
CVE-2015-8098
F5 BIG-IP APM 11.4.1 prior to 11.4.1 HF9, 11.5.x prior to 11.5.3, and 11.6.0 prior to 11.6.0 HF4 allow remote malicious users to cause a denial of service or execute arbitrary code via unspecified vectors related to processing a Citrix Remote Desktop connection through a virtual ...
F5 Big-ip Access Policy Manager 11.5.1
F5 Big-ip Access Policy Manager 11.6.0
F5 Big-ip Access Policy Manager 11.2.0
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager 11.4.0
F5 Big-ip Access Policy Manager 11.3.0
F5 Big-ip Access Policy Manager 11.5.0
3.5
CVSSv2
CVE-2016-7467
The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 HF1, 11.5.4 - 11.5.4 HF2, when configured as a SAML Identity Provider with a Service Provider (SP) connector, might allow traffic to be disrupted or failover initiated when a malformed, signed SAML authenticatio...
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Access Policy Manager 12.0.0
F5 Big-ip Access Policy Manager 11.6.0
F5 Big-ip Access Policy Manager 11.5.4
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 11.6.1
4
CVSSv2
CVE-2016-3687
Open redirect vulnerability in F5 BIG-IP APM 11.2.1, 11.4.x, 11.5.x, and 11.6.x prior to 11.6.0 HF6 and Edge Gateway 11.2.1, when using multi-domain single sign-on (SSO), allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a bas...
F5 Big-ip Access Policy Manager 11.5.4
F5 Big-ip Access Policy Manager 11.5.3
F5 Big-ip Access Policy Manager 11.5.2
F5 Big-ip Access Policy Manager 11.5.1
F5 Big-ip Access Policy Manager 11.6.0
F5 Big-ip Access Policy Manager 11.5.0
F5 Big-ip Access Policy Manager 11.4.0
F5 Big-ip Access Policy Manager 11.4.1
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Edge Gateway 11.2.1
4.3
CVSSv2
CVE-2013-5976
Cross-site scripting (XSS) vulnerability in the access policy logout page (logout.inc) in F5 BIG-IP APM 10.1.0 up to and including 10.2.4 and 11.1.0 up to and including 11.3.0 allows remote malicious users to inject arbitrary web script or HTML via the LastMRH_Session cookie.
F5 Big-ip Access Policy Manager 11.1.0
F5 Big-ip Access Policy Manager 10.1.0
F5 Big-ip Access Policy Manager 11.3.0
F5 Big-ip Access Policy Manager 10.2.4
F5 Big-ip Access Policy Manager 11.0.0
3.5
CVSSv2
CVE-2017-0302
In F5 BIG-IP APM 12.0.0 up to and including 12.1.2 and 13.0.0, an authenticated user with an established access session to the BIG-IP APM system may be able to cause a traffic disruption if the length of the requested URL is less than 16 characters.
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 12.0.0
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »