CVEDB API

Vulnerabilities

Vulnerable Software

Arubanetworks: >> Clearpass Policy Manager >> 6.7.14 Security Vulnerabilities

CVE-2021-34614

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.

CVSS Score

6.3

EPSS Score

0.017

Published

2021-07-08

CVE-2021-29151

A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.

CVSS Score

4.3

EPSS Score

0.001

Published

2021-07-08

CVE-2021-29152

A remote denial of service (DoS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.

CVSS Score

6.5

EPSS Score

0.006

Published

2021-07-08

CVE-2021-34610

CVSS Score

7.2

EPSS Score

0.033

Published

2021-07-08

CVE-2021-34611

CVSS Score

7.2

EPSS Score

0.025

Published

2021-07-08

CVE-2021-29150

A remote insecure deserialization vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.

CVSS Score

7.2

EPSS Score

0.014

Published

2021-07-08

CVE-2021-26680

A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.

CVSS Score

7.2

EPSS Score

0.018

Published

2021-02-23

CVE-2020-7120

A local authenticated buffer overflow vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in ClearPass OnGuard could allow local authenticated users to cause a buffer overflow condition. A successful exploit could allow a local attacker to execute arbitrary code within the context the binary is running in, which is a lower privileged account.

CVSS Score

5.3

EPSS Score

0.001

Published

2021-02-23

CVE-2021-26679

CVSS Score

7.2

EPSS Score

0.033

Published

2021-02-23

CVE-2021-26682

A remote reflected cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the guest portal interface of ClearPass could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the portal. A successful exploit could allow an attacker to execute arbitrary script code in a victim’s browser in the context of the guest portal interface.

CVSS Score

6.1

EPSS Score

0.002

Published

2021-02-23

Prev Next

Page 4

Vulnerabilities

Vulnerable Software

Arubanetworks: >> Clearpass Policy Manager >> 6.7.14 Security Vulnerabilities

Products

Pricing

Contact Us