Vulnerabilities > Arubanetworks > Clearpass Policy Manager > 6.11.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-04 | CVE-2025-25039 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager (CPPM) allows remote authenticated users to run arbitrary commands on the underlying host. | 8.8 |
| 2025-02-04 | CVE-2025-23058 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the ClearPass Policy Manager web-based management interface allows a low-privileged (read-only) authenticated remote attacker to gain unauthorized access to data and the ability to execute functions that should be restricted to administrators only with read/write privileges. | 8.1 |
| 2025-02-04 | CVE-2025-23059 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager exposes directories containing sensitive information. | 4.9 |
| 2025-02-04 | CVE-2025-23060 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in HPE Aruba Networking ClearPass Policy Manager may, under certain circumstances, expose sensitive unencrypted information. | 8.1 |
| 2024-12-03 | CVE-2024-51772 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager An authenticated RCE vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. | 8.0 |
| 2024-12-03 | CVE-2024-51773 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the HPE Aruba Networking ClearPass Policy Manager web-based management interface could allow an authenticated remote Attacker to conduct a stored cross-site scripting (XSS) attack. | 5.4 |
| 2024-12-03 | CVE-2024-53672 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. | 6.3 |
| 2024-12-03 | CVE-2024-51771 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the HPE Aruba Networking ClearPass Policy Manager web-based management interface could allow an authenticated remote threat actor to conduct a remote code execution attack. | 8.8 |
| 2024-07-30 | CVE-2024-41915 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. | 8.8 |
| 2024-02-27 | CVE-2024-26300 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the guest interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. | 4.8 |