Vulnerabilities > Arubanetworks > Clearpass Policy Manager > 6.7.2

DATE CVE VULNERABILITY TITLE RISK
2020-06-03 CVE-2020-7115 Missing Authentication for Critical Function vulnerability in Arubanetworks Clearpass Policy Manager
The ClearPass Policy Manager web interface is affected by a vulnerability that leads to authentication bypass.
network
low complexity
arubanetworks CWE-306
critical
9.8
2018-12-07 CVE-2018-7079 Incorrect Authorization vulnerability in Arubanetworks Clearpass Policy Manager
Aruba ClearPass Policy Manager guest authorization failure.
network
low complexity
arubanetworks CWE-863
7.2
2018-12-07 CVE-2018-7067 Improper Authentication vulnerability in Arubanetworks Clearpass Policy Manager
A Remote Authentication bypass in Aruba ClearPass Policy Manager leads to complete cluster compromise.
network
low complexity
arubanetworks CWE-287
7.2
2018-12-07 CVE-2018-7066 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices.
network
high complexity
arubanetworks
critical
9.0
2018-12-07 CVE-2018-7065 SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager
An authenticated SQL injection vulnerability in Aruba ClearPass Policy Manager can lead to privilege escalation.
network
low complexity
arubanetworks CWE-89
7.2
2018-12-07 CVE-2018-7063 XXE vulnerability in Arubanetworks Clearpass Policy Manager
In Aruba ClearPass, disabled API admins can still perform read/write operations.
network
high complexity
arubanetworks CWE-611
8.1