A vulnerability was found when an attacker, while communicating with the ClearPass management interface, is able to intercept and change parameters in the HTTP packets resulting in the compromise of some of ClearPassβ service accounts. Resolution: Fixed in 6.7.10, 6.8.1, 6.9.0 and higher.
[
{
"product": "ClearPass Policy Manager",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "ClearPass 6.8.x prior to 6.8.5 ClearPass 6.7.x prior to 6.7.13"
}
]
}
]