A remote authenticated SQL Injection vulnerabilitiy exists in Aruba ClearPass Policy Manager version(s): before 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web-based management interface API of ClearPass could allow an authenticated remote malicious user to conduct SQL injection attacks against the ClearPass instance. An attacker could exploit this vulnerability to obtain and modify sensitive information in the underlying database.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
arubanetworks clearpass policy manager |