Arubanetworks Clearpass Policy Manager vulnerabilities

CVE-2021-40991 [HIGH] CVE-2021-40991: A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vu

CVE-2021-37738 [HIGH] CWE-862 CVE-2021-37738: A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this sec

CVE-2021-37737 [HIGH] CWE-89 CVE-2021-37737: A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Cl A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability.

CVE-2021-40989 [HIGH] CVE-2021-40989: A local escalation of privilege vulnerability was discovered in Aruba ClearPass Policy Manager versi A local escalation of privilege vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability.

CVE-2021-37739 [HIGH] CWE-77 CVE-2021-37739: A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vul

CVE-2021-40993 [HIGH] CWE-89 CVE-2021-40993: A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Cl A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability.

CVE-2021-40999 [HIGH] CWE-77 CVE-2021-40999: A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vul

CVE-2021-40987 [HIGH] CWE-77 CVE-2021-40987: A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vul

CVE-2021-40998 [HIGH] CWE-77 CVE-2021-40998: A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vul

CVE-2021-40986 [HIGH] CWE-77 CVE-2021-40986: A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vul

CVE-2021-40992 [HIGH] CWE-89 CVE-2021-40992: A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Cl A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability.

CVE-2021-40988 [HIGH] CWE-22 CVE-2021-40988: A remote directory traversal vulnerability was discovered in Aruba ClearPass Policy Manager version( A remote directory traversal vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerabil

CVE-2021-40994 [MEDIUM] CWE-77 CVE-2021-40994: A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security v

CVE-2021-40990 [MEDIUM] CVE-2021-40990: A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security

CVE-2021-40995 [MEDIUM] CWE-77 CVE-2021-40995: A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security v

CVE-2021-34609 [HIGH] CWE-89 CVE-2021-34609: A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Pr A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.

CVE-2021-34610 [HIGH] CWE-78 CVE-2021-34610: A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.

CVE-2021-29150 [HIGH] CWE-502 CVE-2021-29150: A remote insecure deserialization vulnerability was discovered in Aruba ClearPass Policy Manager ver A remote insecure deserialization vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.

CVE-2021-34611 [HIGH] CWE-78 CVE-2021-34611: A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.

CVE-2021-34612 [MEDIUM] CWE-78 CVE-2021-34612: A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.