CVE-2018-7063XML External Entity (XXE) Injection in Clearpass Policy Manager

CWE-611XML External Entity (XXE) Injection3 documents3 sources
Severity
8.1HIGHNVD
EPSS
0.5%
top 34.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Arubanetworks Clearpass Policy ManagerHewlett Packard Enterprise Aruba Clearpass Policy Manager
Timeline
PublishedDec 7
Latest updateMay 14

Description

In Aruba ClearPass, disabled API admins can still perform read/write operations. In certain circumstances, API admins in ClearPass which have been disabled may still be able to perform read/write operations on parts of the XML API. This can lead to unauthorized access to the API and complete compromise of the ClearPass instance if an attacker knows of the existence of these accounts.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages2 packages

CVEListV5hewlett_packard_enterprise/aruba_clearpass_policy_managerClearPass 6.7.x prior to 6.7.6, ClearPass 6.6.10 and earlier without hotfix applied

🔴Vulnerability Details

2
GHSA
GHSA-g5wv-8cpq-h4x2: In Aruba ClearPass, disabled API admins can still perform read/write operations2022-05-14
CVEList
CVE-2018-7063: In Aruba ClearPass, disabled API admins can still perform read/write operations2018-12-07
CVE-2018-7063 — XML External Entity (XXE) Injection | cvebase