CVE-2021-29140

2021-04-2912:19:12

hpe

www.cve.org

aruba

clearpass

xxe

vulnerability

6.9.5

6.8.9

6.7.14-hf1

AI Score

8.4

Confidence

High

EPSS

0.004

Percentile

73.2%

JSON

A remote XML external entity (XXE) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability.

CNA Affected

[
  {
    "product": "Aruba ClearPass Policy Manager",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Prior to 6.9.5, 6.8.9, 6.7.14-HF1"
      }
    ]
  }
]

References

www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-009.txt