Vulnerabilities > Arubanetworks > Clearpass Policy Manager > 6.1.4

DATE CVE VULNERABILITY TITLE RISK
2022-05-17 CVE-2022-23675 Cross-site Scripting vulnerability in Arubanetworks Clearpass Policy Manager
A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. 		3.5
3.5
2022-05-16 CVE-2022-23667 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-78
6.5
6.5
2022-05-16 CVE-2022-23668 Server-Side Request Forgery (SSRF) vulnerability in Arubanetworks Clearpass Policy Manager
A remote authenticated server-side request forgery (ssrf) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-918
4.0
4.0
2022-05-16 CVE-2022-23670 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks
4.0
4.0
2022-05-16 CVE-2022-23657 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks
critical
 10.0
10
2022-05-16 CVE-2022-23658 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks
critical
 10.0
10
2022-05-16 CVE-2022-23659 Cross-site Scripting vulnerability in Arubanetworks Clearpass Policy Manager
A remote reflected cross site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. 		4.3
4.3
2022-05-16 CVE-2022-23660 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks
critical
 10.0
10
2022-05-16 CVE-2022-23661 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-78
critical
 9.0
9.0
2022-05-16 CVE-2022-23662 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-78
critical
 9.1
9.1