Vulnerabilities > Arubanetworks > Clearpass Policy Manager

DATE CVE VULNERABILITY TITLE RISK
2023-01-05 CVE-2022-43534 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges.
local
low complexity
arubanetworks
7.8
7.8
2023-01-05 CVE-2022-43535 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A vulnerability in the ClearPass OnGuard Windows agent could allow malicious users on a Windows instance to elevate their user privileges.
local
low complexity
arubanetworks
7.8
7.8
2023-01-05 CVE-2022-43536 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host.
network
low complexity
arubanetworks CWE-78
8.8
8.8
2023-01-05 CVE-2022-43537 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host.
network
low complexity
arubanetworks CWE-78
7.2
7.2
2023-01-05 CVE-2022-43538 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host.
network
low complexity
arubanetworks CWE-78
7.2
7.2
2023-01-05 CVE-2022-43539 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A vulnerability exists in the ClearPass Policy Manager cluster communications that allow for an attacker in a privileged network position to potentially obtain sensitive information.
low complexity
arubanetworks
4.5
4.5
2023-01-05 CVE-2022-43540 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A vulnerability exists in the ClearPass OnGuard macOS agent that allows for an attacker with local macOS instance access to potentially obtain sensitive information.
local
low complexity
arubanetworks
5.5
5.5
2022-09-20 CVE-2022-23685 Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Clearpass Policy Manager
A vulnerability in the ClearPass Policy Manager web-based management interface exists which exposes some endpoints to a lack of Cross-Site Request Forgery (CSRF) protection.
network
low complexity
arubanetworks CWE-352
8.8
8.8
2022-09-20 CVE-2022-23692 SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance.
network
low complexity
arubanetworks CWE-89
8.8
8.8
2022-09-20 CVE-2022-23693 SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance.
network
low complexity
arubanetworks CWE-89
8.8
8.8