Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Aruba Clearpass Policy Manager Security Vulnerabilities

cve
cve

CVE-2017-5824

An unauthenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.

9.8CVSS

9.7AI Score

0.026EPSS

2018-02-15 10:29 PM
24
2
cve
cve

CVE-2017-5825

A privilege escalation vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.

8.8CVSS

8.8AI Score

0.002EPSS

2018-02-15 10:29 PM
22
2
cve
cve

CVE-2017-5826

An authenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.

8.8CVSS

8.8AI Score

0.011EPSS

2018-02-15 10:29 PM
25
2
cve
cve

CVE-2017-5827

A reflected cross site scripting vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.

5.4CVSS

5.3AI Score

0.001EPSS

2018-02-15 10:29 PM
27
2
cve
cve

CVE-2017-5828

An arbitrary command execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.

8.1CVSS

8.2AI Score

0.001EPSS

2018-02-15 10:29 PM
23
2
cve
cve

CVE-2017-5829

An access restriction bypass vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.

7.8CVSS

7.6AI Score

0.001EPSS

2018-02-15 10:29 PM
35
2
cve
cve

CVE-2017-9001

Aruba ClearPass 6.6.3 and later includes a feature called "SSH Lockout", which causes ClearPass to lock accounts with too many login failures through SSH. When this feature is enabled, an unauthenticated remote command execution vulnerability is present which could allow an unauthenticated user to ...

8.1CVSS

8.6AI Score

0.002EPSS

2018-08-06 08:29 PM
25
cve
cve

CVE-2017-9002

All versions of Aruba ClearPass prior to 6.6.8 contain reflected cross-site scripting vulnerabilities. By exploiting this vulnerability, an attacker who can trick a logged-in ClearPass administrative user into clicking a link could obtain sensitive information, such as session cookies or passwords....

6.1CVSS

6AI Score

0.001EPSS

2018-08-06 08:29 PM
23
cve
cve

CVE-2018-5390

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

7.5CVSS

7.3AI Score

0.783EPSS

2018-08-06 08:29 PM
388
cve
cve

CVE-2018-7058

Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by an authentication bypass vulnerability, an attacker can leverage this vulnerability to gain administrator privileges on the system. The vulnerability is exposed only on ClearPass web interfaces, including administrative, guest ca...

9.8CVSS

9.6AI Score

0.003EPSS

2018-08-06 08:29 PM
28
cve
cve

CVE-2018-7059

Aruba ClearPass prior to 6.6.9 has a vulnerability in the API that helps to coordinate cluster actions. An authenticated user with the "mon" permission could use this vulnerability to obtain cluster credentials which could allow privilege escalation. This vulnerability is only present when authenti...

8.8CVSS

8.3AI Score

0.001EPSS

2018-08-06 08:29 PM
22