Vulnerabilities > Arubanetworks > Clearpass > 6.7.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-29 | CVE-2021-29141 | Unspecified vulnerability in Arubanetworks Clearpass A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. | 6.5 |
| 2021-04-29 | CVE-2021-29139 | Cross-site Scripting vulnerability in Arubanetworks Clearpass A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. | 4.8 |
| 2021-04-29 | CVE-2021-29142 | Cross-site Scripting vulnerability in Arubanetworks Clearpass A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. | 4.8 |
| 2021-04-29 | CVE-2021-29140 | XXE vulnerability in Arubanetworks Clearpass A remote XML external entity (XXE) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.9, 6.7.14-HF1. | 8.2 |
| 2021-04-29 | CVE-2021-29144 | Unspecified vulnerability in Arubanetworks Clearpass A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. | 6.5 |
| 2021-04-29 | CVE-2021-29145 | Server-Side Request Forgery (SSRF) vulnerability in Arubanetworks Clearpass A remote server side request forgery (SSRF) remote code execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. | 9.8 |
| 2021-04-29 | CVE-2021-29147 | OS Command Injection vulnerability in Arubanetworks Clearpass A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. | 8.8 |
| 2021-04-29 | CVE-2021-29146 | Cross-site Scripting vulnerability in Arubanetworks Clearpass A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. | 5.4 |
| 2020-04-16 | CVE-2020-7114 | Missing Authentication for Critical Function vulnerability in Arubanetworks Clearpass A vulnerability exists allowing attackers, when present in the same network segment as ClearPass' management interface, to make changes to certain databases in ClearPass by crafting HTTP packets. | 9.8 |
| 2020-04-16 | CVE-2020-7113 | Unspecified vulnerability in Arubanetworks Clearpass A vulnerability was found when an attacker, while communicating with the ClearPass management interface, is able to intercept and change parameters in the HTTP packets resulting in the compromise of some of ClearPass' service accounts. | 4.9 |