CVE-2014-6626 β€” Improper Access Control in Clearpass

CWE-284 β€” Improper Access Control3 documents3 sources
Severity
10.0CRITICALNVD
EPSS
3.9%
top 11.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Arubanetworks Clearpass
Timeline
PublishedNov 19
Latest updateMay 17

Description

Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 does not properly restrict access to unspecified administrative functions, which allows remote attackers to bypass authentication and execute administrative actions via unknown vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

β–ΆNVDarubanetworks/clearpass6.3.4+1

πŸ”΄Vulnerability Details

2
GHSA
GHSA-rx8q-qfw2-xx3m: Aruba Networks ClearPass before 6β†—2022-05-17
β–Ά
CVEList
CVE-2014-6626: Aruba Networks ClearPass before 6β†—2014-11-19
β–Ά
CVE-2014-6626 β€” Improper Access Control in Clearpass | cvebase