Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistHpeCVELIST:CVE-2018-7063
HistoryDec 07, 2018 - 9:00 p.m.

CVE-2018-7063

2018-12-0721:00:00
hpe
www.cve.org
4

AI Score

8.3

Confidence

High

EPSS

0.002

Percentile

60.7%

JSON

In Aruba ClearPass, disabled API admins can still perform read/write operations. In certain circumstances, API admins in ClearPass which have been disabled may still be able to perform read/write operations on parts of the XML API. This can lead to unauthorized access to the API and complete compromise of the ClearPass instance if an attacker knows of the existence of these accounts.

CNA Affected

[
  {
    "product": "Aruba ClearPass Policy Manager",
    "vendor": "Hewlett Packard Enterprise",
    "versions": [
      {
        "status": "affected",
        "version": "ClearPass 6.7.x prior to 6.7.6, ClearPass 6.6.10 and earlier without hotfix applied"
      }
    ]
  }
]

Related

nvd 1
cve 1
prion 1
nessus 1
nvd
nvd
CVE-2018-7063
2018-12-07 21:29:01
cve
cve
CVE-2018-7063
2018-12-07 21:29:01
prion
prion
Design/Logic Flaw
2018-12-07 21:29:00
nessus
nessus
Aruba ClearPass Policy Manager <= 6.6.10 / 6.7.x < 6.7.6 Multiple Vulnerabilities
2020-07-28 00:00:00

AI Score

8.3

Confidence

High

EPSS

0.002

Percentile

60.7%

JSON
Related for CVELIST:CVE-2018-7063
nvd1cve1prion1nessus1