Vulnerabilities > Arubanetworks > Clearpass Policy Manager > 6.7.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-03 | CVE-2020-7115 | Missing Authentication for Critical Function vulnerability in Arubanetworks Clearpass Policy Manager The ClearPass Policy Manager web interface is affected by a vulnerability that leads to authentication bypass. | 9.8 |
| 2018-12-07 | CVE-2018-7079 | Incorrect Authorization vulnerability in Arubanetworks Clearpass Policy Manager Aruba ClearPass Policy Manager guest authorization failure. | 7.2 |
| 2018-12-07 | CVE-2018-7067 | Improper Authentication vulnerability in Arubanetworks Clearpass Policy Manager A Remote Authentication bypass in Aruba ClearPass Policy Manager leads to complete cluster compromise. | 7.2 |
| 2018-12-07 | CVE-2018-7066 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. | 9.0 |
| 2018-12-07 | CVE-2018-7065 | SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager An authenticated SQL injection vulnerability in Aruba ClearPass Policy Manager can lead to privilege escalation. | 7.2 |
| 2018-12-07 | CVE-2018-7063 | XXE vulnerability in Arubanetworks Clearpass Policy Manager In Aruba ClearPass, disabled API admins can still perform read/write operations. | 8.1 |