Vulnerability Details CVE-2018-7060
Aruba ClearPass 6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1 is vulnerable to CSRF attacks against authenticated users. An attacker could manipulate an authenticated user into performing actions on the web administrative interface.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.6%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
Products affected by CVE-2018-7060
-
cpe:2.3:a:arubanetworks:clearpass:6.6.0
-
cpe:2.3:a:arubanetworks:clearpass:6.6.1
-
cpe:2.3:a:arubanetworks:clearpass:6.6.2
-
cpe:2.3:a:arubanetworks:clearpass:6.6.3
-
cpe:2.3:a:arubanetworks:clearpass:6.6.4
-
cpe:2.3:a:arubanetworks:clearpass:6.6.5
-
cpe:2.3:a:arubanetworks:clearpass:6.6.7
-
cpe:2.3:a:arubanetworks:clearpass:6.6.8
-
cpe:2.3:a:arubanetworks:clearpass:6.7.0