Vulnerabilities > Arubanetworks > Clearpass Policy Manager > 6.7.9

DATE CVE VULNERABILITY TITLE RISK
2021-02-23 CVE-2021-26686 SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager
A remote authenticated SQL Injection vulnerabilitiy was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1.
network
low complexity
arubanetworks CWE-89
5.5
5.5
2021-02-23 CVE-2021-26684 Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1.
network
low complexity
arubanetworks CWE-77
critical
 9.0
9.0
2021-02-23 CVE-2021-26683 Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1.
network
low complexity
arubanetworks CWE-77
critical
 9.0
9.0
2021-02-23 CVE-2021-26682 Cross-site Scripting vulnerability in Arubanetworks Clearpass Policy Manager
A remote reflected cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. 		4.3
4.3
2021-02-23 CVE-2021-26681 Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A remote authenticated command Injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1.
network
low complexity
arubanetworks CWE-77
critical
 9.0
9.0
2021-02-23 CVE-2021-26678 Cross-site Scripting vulnerability in Arubanetworks Clearpass Policy Manager
A remote unauthenticated stored cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. 		4.3
4.3
2021-02-23 CVE-2021-26685 SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager
A remote authenticated SQL Injection vulnerabilitiy was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1.
network
low complexity
arubanetworks CWE-89
5.5
5.5
2020-06-03 CVE-2020-7117 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
The ClearPass Policy Manager WebUI administrative interface has an authenticated command remote execution.
network
low complexity
arubanetworks
critical
 9.0
9.0
2020-06-03 CVE-2020-7116 Improper Input Validation vulnerability in Arubanetworks Clearpass Policy Manager
The ClearPass Policy Manager WebUI administrative interface has an authenticated command remote execution.
network
low complexity
arubanetworks CWE-20
critical
 9.0
9.0
2020-06-03 CVE-2020-7115 Missing Authentication for Critical Function vulnerability in Arubanetworks Clearpass Policy Manager
The ClearPass Policy Manager web interface is affected by a vulnerability that leads to authentication bypass.
network
low complexity
arubanetworks CWE-306
critical
 9.8
9.8