Vulnerabilities > Arubanetworks > Clearpass

DATE CVE VULNERABILITY TITLE RISK
2021-04-29 CVE-2021-29141 Unspecified vulnerability in Arubanetworks Clearpass
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1.
network
low complexity
arubanetworks
6.5
6.5
2021-04-29 CVE-2021-29139 Cross-site Scripting vulnerability in Arubanetworks Clearpass
A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1.
network
low complexity
arubanetworks CWE-79
4.8
4.8
2021-04-29 CVE-2021-29142 Cross-site Scripting vulnerability in Arubanetworks Clearpass
A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1.
network
low complexity
arubanetworks CWE-79
4.8
4.8
2021-04-29 CVE-2021-29138 Unspecified vulnerability in Arubanetworks Clearpass
A remote disclosure of privileged information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1.
network
low complexity
arubanetworks
6.5
6.5
2021-04-29 CVE-2021-29140 XXE vulnerability in Arubanetworks Clearpass
A remote XML external entity (XXE) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.9, 6.7.14-HF1.
network
low complexity
arubanetworks CWE-611
8.2
8.2
2021-04-29 CVE-2021-29144 Unspecified vulnerability in Arubanetworks Clearpass
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1.
network
low complexity
arubanetworks
6.5
6.5
2021-04-29 CVE-2021-29145 Server-Side Request Forgery (SSRF) vulnerability in Arubanetworks Clearpass
A remote server side request forgery (SSRF) remote code execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1.
network
low complexity
arubanetworks CWE-918
critical
 9.8
9.8
2021-04-29 CVE-2021-29147 OS Command Injection vulnerability in Arubanetworks Clearpass
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1.
network
low complexity
arubanetworks CWE-78
8.8
8.8
2021-04-29 CVE-2021-29146 Cross-site Scripting vulnerability in Arubanetworks Clearpass
A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1.
network
low complexity
arubanetworks CWE-79
5.4
5.4
2020-04-16 CVE-2020-7114 Missing Authentication for Critical Function vulnerability in Arubanetworks Clearpass
A vulnerability exists allowing attackers, when present in the same network segment as ClearPass' management interface, to make changes to certain databases in ClearPass by crafting HTTP packets.
network
low complexity
arubanetworks CWE-306
critical
 9.8
9.8