Vulnerabilities > Arubanetworks > Clearpass > 6.7.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-29 | CVE-2021-29141 | Unspecified vulnerability in Arubanetworks Clearpass A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. | 4.0 |
| 2021-04-29 | CVE-2021-29139 | Cross-site Scripting vulnerability in Arubanetworks Clearpass A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. | 3.5 |
| 2021-04-29 | CVE-2021-29142 | Cross-site Scripting vulnerability in Arubanetworks Clearpass A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. | 3.5 |
| 2021-04-29 | CVE-2021-29138 | Unspecified vulnerability in Arubanetworks Clearpass A remote disclosure of privileged information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. | 4.0 |
| 2021-04-29 | CVE-2021-29140 | XXE vulnerability in Arubanetworks Clearpass A remote XML external entity (XXE) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.9, 6.7.14-HF1. | 6.4 |
| 2021-04-29 | CVE-2021-29144 | Unspecified vulnerability in Arubanetworks Clearpass A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. | 4.0 |
| 2021-04-29 | CVE-2021-29145 | Server-Side Request Forgery (SSRF) vulnerability in Arubanetworks Clearpass A remote server side request forgery (SSRF) remote code execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. | 7.5 |
| 2021-04-29 | CVE-2021-29147 | OS Command Injection vulnerability in Arubanetworks Clearpass A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. | 9.0 |
| 2021-04-29 | CVE-2021-29146 | Cross-site Scripting vulnerability in Arubanetworks Clearpass A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. | 3.5 |
| 2020-04-16 | CVE-2020-7114 | Missing Authentication for Critical Function vulnerability in Arubanetworks Clearpass A vulnerability exists allowing attackers, when present in the same network segment as ClearPass' management interface, to make changes to certain databases in ClearPass by crafting HTTP packets. | 7.5 |