Aruba Networks ClearPass prior to 6.3.6 and 6.4.x prior to 6.4.1 does not disable the troubleshooting and diagnostics page in production systems, which allows remote malicious users to obtain version numbers, module configuration, and other sensitive information by reading the page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
arubanetworks clearpass |
||
arubanetworks clearpass 6.4.0 |