Lucene search
HistoryMay 28, 2015 - 2:59 p.m.
CVE-2015-1389
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.006
Percentile
79.0%
Cross-site scripting (XSS) vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allows remote attackers to inject arbitrary web script or HTML via the username parameter to tips/tipsLoginSubmit.action.
Affected configurations
Node
arubanetworksclearpass_policy_managerRange≤6.4.4
Related
zdt
zdt
Aruba ClearPass Policy Manager Stored XSS Vulnerability
2015-06-02 00:00:00
prion
prion
Cross site scripting
2015-05-28 14:59:00
cvelist
cvelist
CVE-2015-1389
2015-05-28 14:00:00
packetstorm
packetstorm
Aruba ClearPass Policy Manager 6.4 Cross Site Scripting
2015-05-27 00:00:00
exploitpack
exploitpack
Aruba ClearPass Policy Manager - Persistent Cross-Site Scripting
2015-06-01 00:00:00
cve
cve
CVE-2015-1389
2015-05-28 14:59:01
exploitdb
exploitdb
Aruba ClearPass Policy Manager - Persistent Cross-Site Scripting
2015-06-01 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.006
Percentile
79.0%
Related for NVD:CVE-2015-1389