6.5.1

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-06	CVE-2016-4401	Insufficiently Protected Credentials vulnerability in Arubanetworks Clearpass Aruba ClearPass Policy Manager before 6.5.7 and 6.6.x before 6.6.2 allows attackers to obtain database credentials. network low complexity arubanetworks CWE-522 critical	10.0
2017-08-29	CVE-2015-4649	Improper Access Control vulnerability in Arubanetworks Clearpass Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to gain root privileges via unspecified vectors, a different vulnerability than CVE-2015-3654. network low complexity arubanetworks CWE-284 critical	9.0
2017-08-29	CVE-2015-3657	Improper Access Control vulnerability in Arubanetworks Clearpass Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated lower-level administrators to gain "Super Admin" privileges via unspecified vectors. network low complexity arubanetworks CWE-284	6.5
2017-08-29	CVE-2015-3656	Improper Authorization vulnerability in Arubanetworks Clearpass Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated lower-level administrators to gain privileges by leveraging failure to properly enforce authorization checks. network low complexity arubanetworks CWE-285	6.5
2017-08-29	CVE-2015-3655	Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Clearpass Cross-site request forgery (CSRF) vulnerability in Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to hijack the authentication of administrators by leveraging improper enforcement of the anti-CSRF token. network arubanetworks CWE-352	6.8
2017-08-29	CVE-2015-3654	Improper Access Control vulnerability in Arubanetworks Clearpass Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to gain root privileges via unspecified vectors, a different vulnerability than CVE-2015-4649. network low complexity arubanetworks CWE-284 critical	9.0
2017-08-29	CVE-2015-3653	Improper Access Control vulnerability in Arubanetworks Clearpass Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to write to arbitrary files within the underlying operating system and consequently cause a denial of service or gain privileges by leveraging incorrect permission checking. network low complexity arubanetworks CWE-284 critical	9.0
2017-06-08	CVE-2016-2034	SQL Injection vulnerability in Arubanetworks Clearpass SQL injection vulnerability in ClearPass Policy Manager 6.5.x through 6.5.6 and 6.6.0. network low complexity arubanetworks CWE-89	7.5