CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4401
https://notcve.org/view.php?id=CVE-2016-4401
Aruba ClearPass Policy Manager before 6.5.7 and 6.6.x before 6.6.2 allows attackers to obtain database credentials. Aruba ClearPass Policy Manager versiones anteriores a 6.5.7 y versiones 6.6.x anteriores a 6.6.2, permite a atacantes obtener credenciales de la base de datos. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2016-010.txt • CWE-522: Insufficiently Protected Credentials •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2016-2034
https://notcve.org/view.php?id=CVE-2016-2034
SQL injection vulnerability in ClearPass Policy Manager 6.5.x through 6.5.6 and 6.6.0. Vulnerabilidad de inyección SQL en ClearPass Policy Manager versiones 6.5.x hasta 6.5.6 y versión 6.6.0. • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2016-009.txt • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •