Vulnerabilities > Arubanetworks > Clearpass Policy Manager > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-25 | CVE-2023-43508 | Incorrect Authorization vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities in the web-based management interface of ClearPass Policy Manager allow an attacker with read-only privileges to perform actions that change the state of the ClearPass Policy Manager instance. | 6.5 |
2023-10-25 | CVE-2023-43509 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an unauthenticated remote attacker to send notifications to computers that are running ClearPass OnGuard. | 5.8 |
2023-10-25 | CVE-2023-43510 | Command Injection vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. | 6.3 |
2023-03-22 | CVE-2023-25593 | Cross-site Scripting vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
2023-03-22 | CVE-2023-25595 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability exists in the ClearPass OnGuard Ubuntu agent that allows for an attacker with local Ubuntu instance access to potentially obtain sensitive information. | 5.5 |
2023-03-22 | CVE-2023-25596 | Cleartext Storage of Sensitive Information vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format. | 4.9 |
2023-01-05 | CVE-2022-43532 | Cross-site Scripting vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. | 4.8 |
2023-01-05 | CVE-2022-43539 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability exists in the ClearPass Policy Manager cluster communications that allow for an attacker in a privileged network position to potentially obtain sensitive information. low complexity arubanetworks | 4.5 |
2023-01-05 | CVE-2022-43540 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability exists in the ClearPass OnGuard macOS agent that allows for an attacker with local macOS instance access to potentially obtain sensitive information. | 5.5 |
2022-05-17 | CVE-2022-23669 | Insufficient Session Expiration vulnerability in Arubanetworks Clearpass Policy Manager A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. | 6.5 |