CVE-2021-40993

2021-10-1514:07:37

hpe

www.cve.org

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.5%

JSON

A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability.

CNA Affected

[
  {
    "product": "Aruba ClearPass Policy Manager",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1"
      }
    ]
  }
]

References

www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-018.txt