threat
engine
.sh
Back
·
··:··
Home
/
Product
/
arubanetworks clearpass policy manager
Product
arubanetworks clearpass policy manager
136 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2025-25039
>= 6.11.0 and < 6.11.10
A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager (CPPM) allows remote authen
4.7
MEDIUM
CVE-2025-23060
>= 6.11.0 and < 6.11.10
A vulnerability in HPE Aruba Networking ClearPass Policy Manager may, under certain circumstances, expose sensitive unencrypted in
6.6
MEDIUM
CVE-2025-23059
>= 6.11.0 and < 6.11.10
A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager exposes directories contain
6.8
MEDIUM
CVE-2025-23058
>= 6.11.0 and < 6.11.10
A vulnerability in the ClearPass Policy Manager web-based management interface allows a low-privileged (read-only) authenticated r
8.8
HIGH
CVE-2024-53672
>= 6.11.0 and < 6.11.10
A vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrary
4.7
MEDIUM
CVE-2024-51773
>= 6.11.0 and < 6.11.10
A vulnerability in the HPE Aruba Networking ClearPass Policy Manager web-based management interface could allow an authenticated r
4.8
MEDIUM
CVE-2024-51772
>= 6.11.0 and < 6.11.10
An authenticated RCE vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated user
6.4
MEDIUM
CVE-2024-51771
>= 6.11.0 and < 6.11.10
A vulnerability in the HPE Aruba Networking ClearPass Policy Manager web-based management interface could allow an authenticated r
7.2
HIGH
CVE-2024-5486
>= 6.11 and <= 6.11.8
A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive
5.8
MEDIUM
CVE-2024-41916
<= 6.11.8
A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive
6.8
MEDIUM
CVE-2024-41915
>= 6.11.0 and < 6.11.9
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to
7.2
HIGH
CVE-2024-26302
>= 6.9.0 and < 6.9.13
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with
4.8
MEDIUM
CVE-2024-26301
>= 6.9.0 and < 6.9.13
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with
6.5
MEDIUM
CVE-2024-26300
>= 6.9.0 and < 6.9.13
A vulnerability in the guest interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a store
6.6
MEDIUM
CVE-2024-26299
>= 6.9.0 and < 6.9.13
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to
6.6
MEDIUM
CVE-2024-26298
>= 6.9.0 and < 6.9.13
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary c
7.2
HIGH
CVE-2024-26297
>= 6.9.0 and < 6.9.13
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary c
7.2
HIGH
CVE-2024-26296
>= 6.9.0 and < 6.9.13
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary c
7.2
HIGH
CVE-2024-26295
>= 6.9.0 and < 6.9.13
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary c
7.2
HIGH
CVE-2024-26294
>= 6.9.0 and < 6.9.13
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary c
7.2
HIGH
CVE-2023-43510
< 6.9.13
A vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrar
4.7
MEDIUM
CVE-2023-43509
< 6.9.13
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an unauthenticated remote attacker
5.8
MEDIUM
CVE-2023-43508
< 6.9.13
Vulnerabilities in the web-based management interface of ClearPass Policy Manager allow an attacker with read-only privileges to
6.3
MEDIUM
CVE-2023-43507
< 6.9.13
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker t
7.2
HIGH
CVE-2023-43506
< 6.9.13
A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privi
7.8
HIGH
CVE-2023-25596
>= 6.9.0 and <= 6.9.13
A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive
4.5
MEDIUM
CVE-2023-25595
>= 6.9.0 and <= 6.9.13
A vulnerability exists in the ClearPass OnGuard Ubuntu agent that allows for an attacker with local Ubuntu instance access to pot
5.5
MEDIUM
CVE-2023-25594
>= 6.9.0 and <= 6.9.13
A vulnerability in the web-based management interface of ClearPass Policy Manager allows an attacker with read-only privileges to
6.3
MEDIUM
CVE-2023-25593
>= 6.9.0 and <= 6.9.13
Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a r
7.1
HIGH
CVE-2023-25592
>= 6.9.0 and <= 6.9.13
Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a r
7.1
HIGH
CVE-2023-25591
>= 6.9.0 and <= 6.9.13
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with
7.6
HIGH
CVE-2023-25590
>= 6.9.0 and <= 6.9.13
A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privile
7.8
HIGH
CVE-2023-25589
>= 6.9.0 and <= 6.9.13
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an unauthenticated remote attacker t
9.8
CRITICAL
CVE-2022-43540
>= 6.9.0 and < 6.9.12
A vulnerability exists in the ClearPass OnGuard macOS agent that allows for an attacker with local macOS instance access to potent
5.5
MEDIUM
CVE-2022-43539
>= 6.9.0 and < 6.9.12
A vulnerability exists in the ClearPass Policy Manager cluster communications that allow for an attacker in a privileged network p
5.7
MEDIUM
CVE-2022-43538
>= 6.9.0 and < 6.9.12
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary c
7.2
HIGH
CVE-2022-43537
>= 6.9.0 and < 6.9.12
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary c
7.2
HIGH
CVE-2022-43536
>= 6.9.0 and < 6.9.12
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary c
7.2
HIGH
CVE-2022-43535
>= 6.9.0 and < 6.9.12
A vulnerability in the ClearPass OnGuard Windows agent could allow malicious users on a Windows instance to elevate their user pri
7.8
HIGH
CVE-2022-43534
>= 6.9.0 and < 6.9.12
A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privile
7.8
HIGH
CVE-2022-43533
>= 6.9.0 and < 6.9.12
A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their user privile
7.8
HIGH
CVE-2022-43532
>= 6.9.0 and < 6.9.12
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to
8.0
HIGH
CVE-2022-43531
>= 6.9.0 and < 6.9.12
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to
8.8
HIGH
CVE-2022-43530
>= 6.9.0 and < 6.9.12
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to
8.8
HIGH
CVE-2022-23696
>= 6.9.0 and < 6.9.12
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to
8.8
HIGH
CVE-2022-23695
>= 6.9.0 and < 6.9.12
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to
8.8
HIGH
CVE-2022-23694
>= 6.9.0 and < 6.9.12
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to
8.8
HIGH
CVE-2022-23693
>= 6.9.0 and < 6.9.12
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to
8.8
HIGH
CVE-2022-23692
>= 6.9.0 and < 6.9.12
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to
8.8
HIGH
CVE-2022-23685
>= 6.9.0 and < 6.9.12
A vulnerability in the ClearPass Policy Manager web-based management interface exists which exposes some endpoints to a lack of Cr
8.8
HIGH
CVE-2022-37884
>= 6.9.0 and < 6.9.12
A vulnerability exists in the ClearPass Policy Manager Guest User Interface that can allow an unauthenticated attacker to send spe
7.5
HIGH
CVE-2022-37883
>= 6.9.0 and < 6.9.12
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary c
7.2
HIGH
CVE-2022-37882
>= 6.9.0 and < 6.9.12
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary c
7.2
HIGH
CVE-2022-37881
>= 6.9.0 and < 6.9.12
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary c
7.2
HIGH
CVE-2022-37880
>= 6.9.0 and < 6.9.12
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary c
7.2
HIGH
CVE-2022-37879
>= 6.9.0 and < 6.9.12
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary c
7.2
HIGH
CVE-2022-37878
>= 6.9.0 and < 6.9.12
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary c
7.2
HIGH
CVE-2022-37877
>= 6.9.0 and < 6.9.12
A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their user privile
7.8
HIGH
CVE-2022-23674
<= 6.7.14
A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s)
5.4
MEDIUM
CVE-2022-23675
<= 6.7.14
A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s)
4.8
MEDIUM
CVE-2022-23673
<= 6.7.14
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and bel
7.2
HIGH
CVE-2022-23672
<= 6.7.14
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and bel
7.2
HIGH
CVE-2022-23671
<= 6.7.14
A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 an
7.5
HIGH
CVE-2022-23669
<= 6.7.14
A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 a
8.8
HIGH
CVE-2022-23670
< 6.8.9
A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 an
6.5
MEDIUM
CVE-2022-23668
< 6.8.9
A remote authenticated server-side request forgery (ssrf) vulnerability was discovered in Aruba ClearPass Policy Manager version(s
4.9
MEDIUM
CVE-2022-23667
< 6.8.9
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and bel
7.2
HIGH
CVE-2022-23666
< 6.8.9
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and bel
9.1
CRITICAL
CVE-2022-23665
< 6.8.9
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and bel
9.1
CRITICAL
CVE-2022-23664
< 6.8.9
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and bel
9.1
CRITICAL
CVE-2022-23663
< 6.8.9
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and bel
9.1
CRITICAL
CVE-2022-23662
< 6.8.9
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and bel
9.1
CRITICAL
CVE-2022-23661
< 6.8.9
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and bel
9.1
CRITICAL
CVE-2022-23660
< 6.8.9
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9
10.0
CRITICAL
CVE-2022-23659
< 6.8.9
A remote reflected cross site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 an
6.1
MEDIUM
CVE-2022-23658
< 6.8.9
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9
10.0
CRITICAL
CVE-2022-23657
< 6.8.9
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9
10.0
CRITICAL
CVE-2021-40998
>= 6.8.0 and < 6.8.9
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy M
7.2
HIGH
CVE-2021-40997
>= 6.8.0 and < 6.8.9
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager
9.8
CRITICAL
CVE-2021-40996
>= 6.8.0 and < 6.8.9
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager
9.8
CRITICAL
CVE-2021-40995
>= 6.8.0 and < 6.8.9
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy M
6.3
MEDIUM
CVE-2021-40994
>= 6.8.0 and < 6.8.9
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy M
6.3
MEDIUM
CVE-2021-40993
>= 6.8.0 and < 6.8.9
A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x
8.1
HIGH
CVE-2021-40991
>= 6.8.0 and < 6.8.9
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass
7.2
HIGH
CVE-2021-40992
>= 6.8.0 and < 6.8.9
A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x
7.2
HIGH
CVE-2021-40990
>= 6.8.0 and < 6.8.9
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass
6.5
MEDIUM
CVE-2021-40989
>= 6.8.0 and < 6.8.9
A local escalation of privilege vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manage
7.8
HIGH
CVE-2021-40988
>= 6.8.0 and < 6.8.9
A remote directory traversal vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6
7.2
HIGH
CVE-2021-40987
>= 6.8.0 and < 6.8.9
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy M
7.2
HIGH
CVE-2021-40986
>= 6.8.0 and < 6.8.9
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy M
7.2
HIGH
CVE-2021-37739
>= 6.8.0 and <= 6.8.9
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy M
7.2
HIGH
CVE-2021-37738
>= 6.8.0 and <= 6.8.9
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass
7.5
HIGH
CVE-2021-37737
>= 6.8.0 and < 6.8.9
A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x
8.8
HIGH
CVE-2021-37736
>= 6.8.0 and < 6.8.9
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager
9.8
CRITICAL
CVE-2021-40999
>= 6.8.0 and < 6.8.9
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy M
7.2
HIGH
CVE-2021-34616
>= 6.6.0 and <= 6.6.10
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6
6.3
MEDIUM
CVE-2021-34615
>= 6.6.0 and <= 6.6.10
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6
6.3
MEDIUM
CVE-2021-34613
>= 6.6.0 and <= 6.6.10
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6
6.3
MEDIUM
CVE-2021-34612
>= 6.6.0 and <= 6.6.10
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6
6.3
MEDIUM
CVE-2021-34614
>= 6.6.0 and <= 6.6.10
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6
6.3
MEDIUM
CVE-2021-34609
>= 6.6.0 and <= 6.6.10
A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9
8.8
HIGH
CVE-2021-34611
>= 6.6.0 and <= 6.6.10
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6
7.2
HIGH
CVE-2021-34610
>= 6.6.0 and <= 6.6.10
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6
7.2
HIGH
CVE-2021-29152
>= 6.6.0 and <= 6.6.10
A remote denial of service (DoS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6
6.5
MEDIUM
CVE-2021-29151
>= 6.6.0 and <= 6.6.10
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 a
4.3
MEDIUM
CVE-2021-29150
>= 6.6.0 and < 6.8.9
A remote insecure deserialization vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.
7.2
HIGH
CVE-2020-7123
>= 6.7.0 and < 6.7.12
A local escalation of privilege vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6
7.8
HIGH
CVE-2021-26680
< 6.7.14
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5
7.2
HIGH
CVE-2021-26679
< 6.7.14
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5
7.2
HIGH
CVE-2021-26677
< 6.7.14
A local authenticated escalation of privilege vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to
7.8
HIGH
CVE-2020-7120
< 6.8.8
A local authenticated buffer overflow vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6
5.3
MEDIUM
CVE-2021-26686
< 6.7.14
A remote authenticated SQL Injection vulnerabilitiy was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6
6.5
MEDIUM
CVE-2021-26684
<= 6.7.14
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5
7.2
HIGH
CVE-2021-26683
<= 6.7.14
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5
7.2
HIGH
CVE-2021-26682
< 6.7.14
A remote reflected cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to
6.1
MEDIUM
CVE-2021-26681
< 6.7.14
A remote authenticated command Injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5
7.2
HIGH
CVE-2021-26678
< 6.7.14
A remote unauthenticated stored cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(
6.1
MEDIUM
CVE-2021-26685
<= 6.7.14
A remote authenticated SQL Injection vulnerabilitiy was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6
6.5
MEDIUM
CVE-2020-7117
>= 6.7.0 and <= 6.7.13
The ClearPass Policy Manager WebUI administrative interface has an authenticated command remote execution. When the attacker is al
7.2
HIGH
CVE-2020-7116
>= 6.7.0 and <= 6.7.13
The ClearPass Policy Manager WebUI administrative interface has an authenticated command remote execution. When the attacker is al
7.2
HIGH
CVE-2020-7115
>= 6.7.0 and <= 6.7.13
The ClearPass Policy Manager web interface is affected by a vulnerability that leads to authentication bypass. Upon successful byp
9.8
CRITICAL
CVE-2018-7079
< 6.6.10
Aruba ClearPass Policy Manager guest authorization failure. Certain administrative operations in ClearPass Guest do not properly e
7.2
HIGH
CVE-2018-7067
< 6.6.10
A Remote Authentication bypass in Aruba ClearPass Policy Manager leads to complete cluster compromise. An authentication flaw in a
7.2
HIGH
CVE-2018-7066
< 6.6.10
An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. The ClearPass OnConnect fe
9.0
CRITICAL
CVE-2018-7065
< 6.6.10
An authenticated SQL injection vulnerability in Aruba ClearPass Policy Manager can lead to privilege escalation. All versions of C
7.2
HIGH
CVE-2018-7063
< 6.6.10
In Aruba ClearPass, disabled API admins can still perform read/write operations. In certain circumstances, API admins in ClearPass
8.1
HIGH
CVE-2015-4650
<= 6.4.6
Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to gain shell access and execu
9.8
CRITICAL
CVE-2017-5638
< 6.6.5
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and
9.8
CRITICAL
CVE-2015-4132
<= 6.4.4
Multiple cross-site scripting (XSS) vulnerabilities in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allow remote ad
CVE-2015-1551
<= 6.4.3
Directory traversal vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.4 allows remote administrators to r
CVE-2015-1550
<= 6.4.4
Directory traversal vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allows remote administrators to e
CVE-2015-1392
<= 6.4.4
Multiple SQL injection vulnerabilities in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allow remote administrators
CVE-2015-1389
<= 6.4.4
Cross-site scripting (XSS) vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allows remote attackers to
CVE-2014-6628
<= 6.4.5
Aruba Networks ClearPass Policy Manager (CPPM) before 6.5.0 allows remote administrators to execute arbitrary code via unspecified
CVE-2014-8367
>= 6.2.0 and <= 6.2.6
SQL injection vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) 6.2.x, 6.3.x before 6.3.6, and 6.4.x before 6.4.2 al
CVE-2014-2593
all versions
The management console in Aruba Networks ClearPass Policy Manager 6.3.0.60730 allows local users to execute arbitrary commands via
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin