14 matches found
CVE-2018-20663
The Reporting Addon aka Reports Addon through 2019-01-02 for CUBA Platform through 6.10.x has Persistent XSS via the "Reports Reports" name field...
EMC RSA Archer 6.0 < 6.9 SP3 P4 / 6.10 < 6.10 P2 Remote Code Execution
The version of EMC RSA Archer running on the remote web server is 6.x prior to 6.9.3.4 6.9 SP3 P4, 6.10.x prior to 6.10.0.2 6.10 P2. It is, therefore, affected by a remote code execution vulnerability due to unrestricted upload of a file with a dangerous type. A remote, authenticated malicious us...
CVE-2022-43538
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploits could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complet...
Aruba Networks ClearPass Policy Manager SQL注入漏洞
Aruba Networks ClearPass Policy Manager is an Aruba Networks application that provides a secure access management system for wireless networks. A security vulnerability exists in Aruba Networks ClearPass Policy Manager. An attacker could exploit this vulnerability to perform a SQL injection attac...
Aruba Networks ClearPass Policy Manager 操作系统命令注入漏洞
Aruba Networks ClearPass Policy Manager is an Aruba Networks application that provides a secure access management system for wireless networks. An operating system command injection vulnerability exists in Aruba Networks ClearPass Policy Manager. An attacker could use this vulnerability to run...
CVE-2022-23694
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information...
CVE-2022-37878
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to comple...
PT-2022-24124 · Aruba · Aruba Clearpass Policy Manager
Name of the Vulnerable Software and Affected Versions: Aruba ClearPass Policy Manager versions 6.10.x through 6.10.6 Aruba ClearPass Policy Manager versions 6.9.x through 6.9.11 Description: Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated...
Command injection
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager versions: ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for...
CVE-2021-40991
Aruba ClearPass Policy Manager is affected by CVE-2021-40991, a remote information-disclosure vulnerability. Affected versions include ClearPass Policy Manager 6.10.x prior to 6.10.2, 6.9.x prior to 6.9.7-HF1, and 6.8.x prior to 6.8.9-HF1. The issue enables unauthorized disclosure of sensitive in...
CUBA Platform Reporting Addon Cross-Site Scripting Vulnerability
CUBA Platform is an open source Java Web framework for enterprise applications . Reporting Addon aka Reports Addon is one of the reporting addon . A cross-site scripting vulnerability exists in Reporting Addon in CUBA Platform 6.10.x and earlier versions 2019-01-02 and earlier. A remote attacker...
CVE-2017-7849
Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local denial of service condition due to insecure permissions when running in Agent Mode...
Privilege escalation
Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in Agent Mode...
CVE-2017-7850
Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in Agent Mode...