Vulnerabilities > Arubanetworks

DATE CVE VULNERABILITY TITLE RISK
2022-05-17 CVE-2022-23674 Cross-site Scripting vulnerability in Arubanetworks Clearpass Policy Manager
A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
3.5
2022-05-17 CVE-2022-23669 Insufficient Session Expiration vulnerability in Arubanetworks Clearpass Policy Manager
A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-613
6.5
2022-05-17 CVE-2022-23671 Information Exposure vulnerability in Arubanetworks Clearpass Policy Manager
A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-200
5.0
2022-05-17 CVE-2022-23672 Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-77
critical
9.0
2022-05-17 CVE-2022-23673 Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-77
critical
9.0
2022-05-17 CVE-2022-23675 Cross-site Scripting vulnerability in Arubanetworks Clearpass Policy Manager
A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
3.5
2022-05-16 CVE-2022-23667 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-78
6.5
2022-05-16 CVE-2022-23668 Server-Side Request Forgery (SSRF) vulnerability in Arubanetworks Clearpass Policy Manager
A remote authenticated server-side request forgery (ssrf) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-918
4.0
2022-05-16 CVE-2022-23670 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks
4.0
2022-05-16 CVE-2022-23657 Improper Authentication vulnerability in Arubanetworks Clearpass Policy Manager
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-287
critical
10.0