Aruba Clearpass Policy Manager Security Vulnerabilities and Issues — Aruba Clearpass Policy Manager CVE List

Lucene search

HpAruba Clearpass Policy Manager

11 matches found

CVE•added 2018/08/06 8:29 p.m.•439 views

CVE-2018-5390

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

7.8CVSS7.5AI score0.19919EPSS

CVE•added 2018/02/15 10:29 p.m.•54 views

CVE-2017-5829

An access restriction bypass vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.

7.8CVSS7.6AI score0.0014EPSS

CVE•added 2018/08/06 8:29 p.m.•47 views

CVE-2018-7058

Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by an authentication bypass vulnerability, an attacker can leverage this vulnerability to gain administrator privileges on the system. The vulnerability is exposed only on ClearPass web interfaces, including administrative, guest ca...

10CVSS9.6AI score0.00917EPSS

CVE•added 2018/08/06 8:29 p.m.•40 views

CVE-2017-9002

All versions of Aruba ClearPass prior to 6.6.8 contain reflected cross-site scripting vulnerabilities. By exploiting this vulnerability, an attacker who can trick a logged-in ClearPass administrative user into clicking a link could obtain sensitive information, such as session cookies or passwords....

6.1CVSS6AI score0.00453EPSS

CVE•added 2018/02/15 10:29 p.m.•38 views

CVE-2017-5827

A reflected cross site scripting vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.

5.4CVSS5.3AI score0.00279EPSS

CVE•added 2018/02/15 10:29 p.m.•35 views

CVE-2017-5824

An unauthenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.

10CVSS9.7AI score0.2655EPSS

CVE•added 2018/08/06 8:29 p.m.•35 views

CVE-2017-9001

Aruba ClearPass 6.6.3 and later includes a feature called "SSH Lockout", which causes ClearPass to lock accounts with too many login failures through SSH. When this feature is enabled, an unauthenticated remote command execution vulnerability is present which could allow an unauthenticated user to ...

9.3CVSS8.6AI score0.02307EPSS

CVE•added 2018/08/06 8:29 p.m.•34 views

CVE-2018-7059

Aruba ClearPass prior to 6.6.9 has a vulnerability in the API that helps to coordinate cluster actions. An authenticated user with the "mon" permission could use this vulnerability to obtain cluster credentials which could allow privilege escalation. This vulnerability is only present when authenti...

8.8CVSS8.3AI score0.00385EPSS

CVE•added 2018/02/15 10:29 p.m.•33 views

CVE-2017-5826

An authenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.

8.8CVSS8.8AI score0.02594EPSS

CVE•added 2018/02/15 10:29 p.m.•30 views

CVE-2017-5825

A privilege escalation vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.

8.8CVSS8.8AI score0.01809EPSS

CVE•added 2018/02/15 10:29 p.m.•30 views

CVE-2017-5828

An arbitrary command execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.

8.1CVSS8.2AI score0.0055EPSS