Vulnerabilities > Arubanetworks > Clearpass > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-29 | CVE-2021-29145 | Server-Side Request Forgery (SSRF) vulnerability in Arubanetworks Clearpass A remote server side request forgery (SSRF) remote code execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. | 9.8 |
| 2020-04-16 | CVE-2020-7114 | Missing Authentication for Critical Function vulnerability in Arubanetworks Clearpass A vulnerability exists allowing attackers, when present in the same network segment as ClearPass' management interface, to make changes to certain databases in ClearPass by crafting HTTP packets. | 9.8 |
| 2019-11-06 | CVE-2016-4401 | Insufficiently Protected Credentials vulnerability in Arubanetworks Clearpass Aruba ClearPass Policy Manager before 6.5.7 and 6.6.x before 6.6.2 allows attackers to obtain database credentials. | 9.8 |
| 2017-06-08 | CVE-2016-2034 | SQL Injection vulnerability in Arubanetworks Clearpass SQL injection vulnerability in ClearPass Policy Manager 6.5.x through 6.5.6 and 6.6.0. | 9.8 |