Shodan
Vulnerabilities
Vulnerable Software
Arubanetworks:  Security Vulnerabilities
CVE-2015-3654
Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to gain root privileges via unspecified vectors, a different vulnerability than CVE-2015-4649.
CVSS Score
7.2
EPSS Score
0.009
Published
2017-08-29
CVE-2015-3655
Cross-site request forgery (CSRF) vulnerability in Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to hijack the authentication of administrators by leveraging improper enforcement of the anti-CSRF token.
CVSS Score
8.8
EPSS Score
0.001
Published
2017-08-29
CVE-2015-3656
Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated lower-level administrators to gain privileges by leveraging failure to properly enforce authorization checks.
CVSS Score
7.2
EPSS Score
0.008
Published
2017-08-29
CVE-2015-3657
Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated lower-level administrators to gain "Super Admin" privileges via unspecified vectors.
CVSS Score
7.2
EPSS Score
0.008
Published
2017-08-29
CVE-2015-4649
Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to gain root privileges via unspecified vectors, a different vulnerability than CVE-2015-3654.
CVSS Score
7.2
EPSS Score
0.009
Published
2017-08-29
CVE-2016-2034
SQL injection vulnerability in ClearPass Policy Manager 6.5.x through 6.5.6 and 6.6.0.
CVSS Score
9.8
EPSS Score
0.003
Published
2017-06-08
CVE-2017-5638
Known exploited
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
CVSS Score
9.8
EPSS Score
0.943
Published
2017-03-11
CVE-2015-4132
Multiple cross-site scripting (XSS) vulnerabilities in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allow remote administrators to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
3.5
EPSS Score
0.003
Published
2015-05-28
CVE-2015-1551
Directory traversal vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.4 allows remote administrators to read arbitrary files via unspecified vectors.
CVSS Score
4.0
EPSS Score
0.002
Published
2015-05-28
CVE-2015-1550
Directory traversal vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allows remote administrators to execute arbitrary files via unspecified vectors.
CVSS Score
9.0
EPSS Score
0.008
Published
2015-05-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved