Vulnerabilities > Arubanetworks > Clearpass > 6.2.6.62196

DATE CVE VULNERABILITY TITLE RISK
2019-11-06 CVE-2016-4401 Insufficiently Protected Credentials vulnerability in Arubanetworks Clearpass
Aruba ClearPass Policy Manager before 6.5.7 and 6.6.x before 6.6.2 allows attackers to obtain database credentials.
network
low complexity
arubanetworks CWE-522
critical
 9.8
9.8
2017-08-29 CVE-2015-4649 Improper Access Control vulnerability in Arubanetworks Clearpass
Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to gain root privileges via unspecified vectors, a different vulnerability than CVE-2015-3654.
network
low complexity
arubanetworks CWE-284
7.2
7.2
2017-08-29 CVE-2015-3657 Improper Access Control vulnerability in Arubanetworks Clearpass
Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated lower-level administrators to gain "Super Admin" privileges via unspecified vectors.
network
low complexity
arubanetworks CWE-284
7.2
7.2
2017-08-29 CVE-2015-3656 Improper Authorization vulnerability in Arubanetworks Clearpass
Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated lower-level administrators to gain privileges by leveraging failure to properly enforce authorization checks.
network
low complexity
arubanetworks CWE-285
7.2
7.2
2017-08-29 CVE-2015-3654 Improper Access Control vulnerability in Arubanetworks Clearpass
Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to gain root privileges via unspecified vectors, a different vulnerability than CVE-2015-4649.
network
low complexity
arubanetworks CWE-284
7.2
7.2
2017-08-29 CVE-2015-3653 Improper Access Control vulnerability in Arubanetworks Clearpass
Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to write to arbitrary files within the underlying operating system and consequently cause a denial of service or gain privileges by leveraging incorrect permission checking.
network
low complexity
arubanetworks CWE-284
7.2
7.2