CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2021-29150
https://notcve.org/view.php?id=CVE-2021-29150
A remote insecure deserialization vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. Se ha detectado una vulnerabilidad de deserialización no segura remota en Aruba ClearPass Policy Manager version(es): Anteriores a 6.10.0, 6.9.6 y 6.8.9. Aruba ha publicado actualizaciones de ClearPass Policy Manager que solucionan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-012.txt • CWE-502: Deserialization of Untrusted Data •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-29141
https://notcve.org/view.php?id=CVE-2021-29141
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability. Se detectó una vulnerabilidad de divulgación remota de información confidencial en Aruba ClearPass Policy Manager versiones anteriores a 6.9.5, 6.8.9, 6.7.14-HF1. Aruba ha publicado parches para Aruba ClearPass Policy Manager que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-009.txt •
CVSS: 4.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-29139
https://notcve.org/view.php?id=CVE-2021-29139
A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability. Se detectó una vulnerabilidad de tipo cross-site scripting (XSS) en Aruba ClearPass Policy Manager versiones anteriores a 6.9.5, 6.8.9, 6.7.14-HF1. Aruba ha publicado parches para Aruba ClearPass Policy Manager que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-009.txt • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-29138
https://notcve.org/view.php?id=CVE-2021-29138
A remote disclosure of privileged information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability. Se detectó una vulnerabilidad de divulgación de información privilegiada remota en Aruba ClearPass Policy Manager versiones anteriores a 6.9.5, 6.8.9, 6.7.14-HF1. Aruba ha publicado parches para Aruba ClearPass Policy Manager que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-009.txt •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0CVE-2021-29140
https://notcve.org/view.php?id=CVE-2021-29140
A remote XML external entity (XXE) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability. Se detectó una vulnerabilidad de XML external entity (XXE) remota en Aruba ClearPass Policy Manager: versiones: Anteriores a 6.9.5, 6.8.9, 6.7.14-HF1. Aruba ha publicado parches para Aruba ClearPass Policy Manager que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-009.txt • CWE-611: Improper Restriction of XML External Entity Reference •