Lucene search
MitreCVE-2015-1389HistoryMay 28, 2015 - 2:59 p.m.
CVE-2015-1389
2015-05-2814:59:01
CWE-79
mitre
web.nvd.nist.gov
30
nvd
cve-2015-1389
aruba networks
clearpass policy manager
xss
remote attackers
web script injection
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.006
Percentile
79.0%
Cross-site scripting (XSS) vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allows remote attackers to inject arbitrary web script or HTML via the username parameter to tips/tipsLoginSubmit.action.
Affected configurations
Node
arubanetworksclearpass_policy_managerRange≤6.4.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| arubanetworks | clearpass_policy_manager | * | cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:* |
Related
zdt
zdt
Aruba ClearPass Policy Manager Stored XSS Vulnerability
2015-06-02 00:00:00
prion
prion
Cross site scripting
2015-05-28 14:59:00
nvd
nvd
CVE-2015-1389
2015-05-28 14:59:01
exploitdb
exploitdb
Aruba ClearPass Policy Manager - Persistent Cross-Site Scripting
2015-06-01 00:00:00
cvelist
cvelist
CVE-2015-1389
2015-05-28 14:00:00
exploitpack
exploitpack
Aruba ClearPass Policy Manager - Persistent Cross-Site Scripting
2015-06-01 00:00:00
packetstorm
packetstorm
Aruba ClearPass Policy Manager 6.4 Cross Site Scripting
2015-05-27 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.006
Percentile
79.0%
Related for CVE-2015-1389