CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-23669
https://notcve.org/view.php?id=CVE-2022-23669
A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. Se ha detectado una vulnerabilidad de omisión de autorización remota en Aruba ClearPass Policy Manager versiones 6.10.4 y anteriores, 6.9.9 y anteriores, 6.8.9-HF2 y anteriores, 6.7.x y anteriores. Aruba ha publicado actualizaciones de ClearPass Policy Manager que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-007.txt • CWE-613: Insufficient Session Expiration •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-23670
https://notcve.org/view.php?id=CVE-2022-23670
A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. Se ha detectado una vulnerabilidad de divulgación de información autenticada remota en Aruba ClearPass Policy Manager versiones 6.10.4 y anteriores, versiones 6.9.9 y anteriores, 6.8.9-HF2 y anteriores, 6.7.x y anteriores. Aruba ha publicado actualizaciones de ClearPass Policy Manager que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-007.txt •
CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0CVE-2022-23667
https://notcve.org/view.php?id=CVE-2022-23667
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. Se ha detectado una vulnerabilidad de inyección de comandos remotos autentificados en Aruba ClearPass Policy Manager versiones 6.10.4 y anteriores, 6.9.9 y anteriores, 6.8.9-HF2 y anteriores, 6.7.x y anteriores. Aruba ha publicado actualizaciones de ClearPass Policy Manager que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-007.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.9EPSS: 0%CPEs: 6EXPL: 0CVE-2022-23668
https://notcve.org/view.php?id=CVE-2022-23668
A remote authenticated server-side request forgery (ssrf) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manage that address this security vulnerability. Se ha detectado una vulnerabilidad de tipo server-side request forgery (ssrf) autenticado de forma remota en versiones 6.10.4 y anteriores, 6.9.9 y anteriores, 6.8.9-HF2 y anteriores, 6.7.x y anteriores. Aruba ha publicado actualizaciones de ClearPass Policy Manage que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-007.txt • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 9.1EPSS: 0%CPEs: 6EXPL: 0CVE-2022-23666
https://notcve.org/view.php?id=CVE-2022-23666
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. Se ha detectado una vulnerabilidad de inyección de comandos remotos autenticados en Aruba ClearPass Policy Manager versiones: 6.10.4 y anteriores, 6.9.9 y anteriores, 6.8.9-HF2 y anteriores, 6.7.x y anteriores. Aruba ha publicado actualizaciones de ClearPass Policy Manager que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-007.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •