Vulnerabilities > Arubanetworks > Clearpass > 6.5.0

DATE CVE VULNERABILITY TITLE RISK
2019-11-06 CVE-2016-4401 Insufficiently Protected Credentials vulnerability in Arubanetworks Clearpass
Aruba ClearPass Policy Manager before 6.5.7 and 6.6.x before 6.6.2 allows attackers to obtain database credentials.
network
low complexity
arubanetworks CWE-522
critical
9.8
2017-08-29 CVE-2015-3655 Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Clearpass
Cross-site request forgery (CSRF) vulnerability in Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to hijack the authentication of administrators by leveraging improper enforcement of the anti-CSRF token.
network
low complexity
arubanetworks CWE-352
8.8
2017-06-08 CVE-2016-2034 SQL Injection vulnerability in Arubanetworks Clearpass
SQL injection vulnerability in ClearPass Policy Manager 6.5.x through 6.5.6 and 6.6.0.
network
low complexity
arubanetworks CWE-89
critical
9.8