Lucene search

MitreCVE-2014-4031

HistoryJul 15, 2014 - 2:55 p.m.

CVE-2014-4031

2014-07-1514:55:10

CWE-200

mitre

web.nvd.nist.gov

aruba networks

clearpass

cve-2014-4031

policy manager

database credentials

security vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.001

Percentile

46.3%

JSON

The Policy Manager in Aruba Networks ClearPass 5.x, 6.0.x, 6.1.x through 6.1.4.61696, 6.2.x through 6.2.6.62196, and 6.3.x before 6.3.4 allows remote authenticated users to obtain database credentials via unspecified vectors.

Affected configurations

Nvd

Node

arubanetworksclearpassMatch5.0.1

arubanetworksclearpassMatch5.1

arubanetworksclearpassMatch5.2

arubanetworksclearpassMatch6.0.1

arubanetworksclearpassMatch6.0.2

arubanetworksclearpassMatch6.1

arubanetworksclearpassMatch6.1.4.61696

arubanetworksclearpassMatch6.2

arubanetworksclearpassMatch6.2.6.62196

arubanetworksclearpassMatch6.3

VendorProductVersionCPE
arubanetworksclearpass5.0.1cpe:2.3:a:arubanetworks:clearpass:5.0.1:*:*:*:*:*:*:*
arubanetworksclearpass5.1cpe:2.3:a:arubanetworks:clearpass:5.1:*:*:*:*:*:*:*
arubanetworksclearpass5.2cpe:2.3:a:arubanetworks:clearpass:5.2:*:*:*:*:*:*:*
arubanetworksclearpass6.0.1cpe:2.3:a:arubanetworks:clearpass:6.0.1:*:*:*:*:*:*:*
arubanetworksclearpass6.0.2cpe:2.3:a:arubanetworks:clearpass:6.0.2:*:*:*:*:*:*:*
arubanetworksclearpass6.1cpe:2.3:a:arubanetworks:clearpass:6.1:*:*:*:*:*:*:*
arubanetworksclearpass6.1.4.61696cpe:2.3:a:arubanetworks:clearpass:6.1.4.61696:*:*:*:*:*:*:*
arubanetworksclearpass6.2cpe:2.3:a:arubanetworks:clearpass:6.2:*:*:*:*:*:*:*
arubanetworksclearpass6.2.6.62196cpe:2.3:a:arubanetworks:clearpass:6.2.6.62196:*:*:*:*:*:*:*
arubanetworksclearpass6.3cpe:2.3:a:arubanetworks:clearpass:6.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
arubanetworks	clearpass	5.0.1	cpe:2.3:a:arubanetworks:clearpass:5.0.1:::::::*
arubanetworks	clearpass	5.1	cpe:2.3:a:arubanetworks:clearpass:5.1:::::::*
arubanetworks	clearpass	5.2	cpe:2.3:a:arubanetworks:clearpass:5.2:::::::*
arubanetworks	clearpass	6.0.1	cpe:2.3:a:arubanetworks:clearpass:6.0.1:::::::*
arubanetworks	clearpass	6.0.2	cpe:2.3:a:arubanetworks:clearpass:6.0.2:::::::*
arubanetworks	clearpass	6.1	cpe:2.3:a:arubanetworks:clearpass:6.1:::::::*
arubanetworks	clearpass	6.1.4.61696	cpe:2.3:a:arubanetworks:clearpass:6.1.4.61696:::::::*
arubanetworks	clearpass	6.2	cpe:2.3:a:arubanetworks:clearpass:6.2:::::::*
arubanetworks	clearpass	6.2.6.62196	cpe:2.3:a:arubanetworks:clearpass:6.2.6.62196:::::::*
arubanetworks	clearpass	6.3	cpe:2.3:a:arubanetworks:clearpass:6.3:::::::*

References

secunia.com/advisories/58936

www.arubanetworks.com/support/alerts/aid-07032014.txt

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.001

Percentile

46.3%

JSON

Related for CVE-2014-4031