Hewlett Packard Enterprise Aruba Clearpass Policy Manager vulnerabilities

127 known vulnerabilities affecting hewlett_packard_enterprise/aruba_clearpass_policy_manager.

Total CVEs
127
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL16HIGH69MEDIUM42

Vulnerabilities

Page 3 of 7
CVE-2022-23693HIGHCVSS 8.8v6.10.x: 6.10.6 and belowv6.9.x: 6.9.11 and below2022-09-20
CVE-2022-23693 [HIGH] CVE-2022-23693: Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injectio Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underl
cvelistv5
CVE-2022-23692HIGHCVSS 8.8v6.10.x: 6.10.6 and belowv6.9.x: 6.9.11 and below2022-09-20
CVE-2022-23692 [HIGH] CVE-2022-23692: Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injectio Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underl
cvelistv5
CVE-2022-37881HIGHCVSS 7.2v6.10.x: 6.10.6 and belowv6.9.x: 6.9.11 and below2022-09-20
CVE-2022-37881 [HIGH] CVE-2022-37881: Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the under Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system comp
cvelistv5
CVE-2022-37884HIGHCVSS 7.5v6.10.x: 6.10.6 and belowv6.9.x: 6.9.11 and below2022-09-20
CVE-2022-37884 [HIGH] CVE-2022-37884: A vulnerability exists in the ClearPass Policy Manager Guest User Interface that can allow an unauthenticated attacker to send specific operations whi A vulnerability exists in the ClearPass Policy Manager Guest User Interface that can allow an unauthenticated attacker to send specific operations which result in a Denial-of-Service condition. A successful exploitation of this vulnerability results in the unavailability of the guest interface in Aruba ClearPa
cvelistv5
CVE-2022-23685HIGHCVSS 8.8v6.10.x: 6.10.6 and belowv6.9.x: 6.9.11 and below2022-09-20
CVE-2022-23685 [HIGH] CVE-2022-23685: A vulnerability in the ClearPass Policy Manager web-based management interface exists which exposes some endpoints to a lack of Cross-Site Request For A vulnerability in the ClearPass Policy Manager web-based management interface exists which exposes some endpoints to a lack of Cross-Site Request Forgery (CSRF) protection. This could allow a remote unauthenticated attacker to execute arbitrary input against these endpoints if the attacker can convince an aut
cvelistv5
CVE-2022-23695HIGHCVSS 8.8v6.10.x: 6.10.6 and belowv6.9.x: 6.9.11 and below2022-09-20
CVE-2022-23695 [HIGH] CVE-2022-23695: Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injectio Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underl
cvelistv5
CVE-2022-23694HIGHCVSS 8.8v6.10.x: 6.10.6 and belowv6.9.x: 6.9.11 and below2022-09-20
CVE-2022-23694 [HIGH] CVE-2022-23694: Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injectio Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underl
cvelistv5
CVE-2022-23673HIGHCVSS 7.2v6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below2022-05-17
CVE-2022-23673 [HIGH] CVE-2022-23673: A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6 A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.
cvelistv5
CVE-2022-23669HIGHCVSS 8.8v6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below2022-05-17
CVE-2022-23669 [HIGH] CVE-2022-23669: A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6 A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.
cvelistv5
CVE-2022-23672HIGHCVSS 7.2v6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below2022-05-17
CVE-2022-23672 [HIGH] CVE-2022-23672: A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6 A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.
cvelistv5
CVE-2022-23671HIGHCVSS 7.5v6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below2022-05-17
CVE-2022-23671 [HIGH] CVE-2022-23671: A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6 A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.
cvelistv5
CVE-2022-23675MEDIUMCVSS 4.8v6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below2022-05-17
CVE-2022-23675 [MEDIUM] CVE-2022-23675: A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6 A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.
cvelistv5
CVE-2022-23674MEDIUMCVSS 5.4v6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below2022-05-17
CVE-2022-23674 [MEDIUM] CVE-2022-23674: A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6 A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.
cvelistv5
CVE-2022-23665CRITICALCVSS 9.1v6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below2022-05-16
CVE-2022-23665 [CRITICAL] CVE-2022-23665: A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6 A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.
cvelistv5
CVE-2022-23657CRITICALCVSS 10.0v6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below2022-05-16
CVE-2022-23657 [CRITICAL] CVE-2022-23657: A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6 A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.
cvelistv5
CVE-2022-23664CRITICALCVSS 9.1v6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below2022-05-16
CVE-2022-23664 [CRITICAL] CVE-2022-23664: A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6 A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.
cvelistv5
CVE-2022-23666CRITICALCVSS 9.1v6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below2022-05-16
CVE-2022-23666 [CRITICAL] CVE-2022-23666: A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6 A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.
cvelistv5
CVE-2022-23661CRITICALCVSS 9.1v6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below2022-05-16
CVE-2022-23661 [CRITICAL] CVE-2022-23661: A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6 A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.
cvelistv5
CVE-2022-23660CRITICALCVSS 10.0v6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below2022-05-16
CVE-2022-23660 [CRITICAL] CVE-2022-23660: A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6 A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.
cvelistv5
CVE-2022-23658CRITICALCVSS 10.0v6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below2022-05-16
CVE-2022-23658 [CRITICAL] CVE-2022-23658: A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6 A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.
cvelistv5
← Previous3 / 7Next →
Hewlett Packard Enterprise Aruba Clearpass Policy Manager vulnerabilities | cvebase