CVSS: 9.0EPSS: 3%CPEs: 4EXPL: 0CVE-2021-34610
https://notcve.org/view.php?id=CVE-2021-34610
08 Jul 2021 — A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. Se ha detectado una vulnerabilidad de ejecución de comandos remota arbitrarios en Aruba ClearPass Policy Manager version(es): Anteriores a 6.10.0, 6.9.6 y 6.8.9. Aruba ha publicado actualizaciones de ClearPass Policy Manager que solucionan esta vulnerabilidad de seguri... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-012.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 2%CPEs: 4EXPL: 0CVE-2021-34611
https://notcve.org/view.php?id=CVE-2021-34611
08 Jul 2021 — A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. Se ha detectado una vulnerabilidad de ejecución remota de comandos arbitrarios en Aruba ClearPass Policy Manager version(es) : Anteriores a 6.10.0, 6.9.6 y 6.8.9. Aruba ha publicado actualizaciones de ClearPass Policy Manager que solucionan esta vulnerabilidad de segur... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-012.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-29152
https://notcve.org/view.php?id=CVE-2021-29152
08 Jul 2021 — A remote denial of service (DoS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. Se ha detectado una vulnerabilidad de denegación de servicio (DoS) remota en Aruba ClearPass Policy Manager version(es) : Anteriores a 6.10.0, 6.9.6 y 6.8.9. Aruba ha publicado actualizaciones de ClearPass Policy Manager que solucionan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-012.txt •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-29151
https://notcve.org/view.php?id=CVE-2021-29151
08 Jul 2021 — A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. Se ha detectado una vulnerabilidad de omisión de autenticación remota en Aruba ClearPass Policy Manager version(es) : Anteriores a 6.10.0, 6.9.6 y 6.8.9. Aruba ha publicado actualizaciones de ClearPass Policy Manager que solucionan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-012.txt •
CVSS: 9.0EPSS: 1%CPEs: 2EXPL: 0CVE-2021-29150
https://notcve.org/view.php?id=CVE-2021-29150
08 Jul 2021 — A remote insecure deserialization vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. Se ha detectado una vulnerabilidad de deserialización no segura remota en Aruba ClearPass Policy Manager version(es): Anteriores a 6.10.0, 6.9.6 y 6.8.9. Aruba ha publicado actualizaciones de ClearPass Policy Manager que solucionan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-012.txt • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-7123
https://notcve.org/view.php?id=CVE-2020-7123
28 Apr 2021 — A local escalation of privilege vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability. Se detectó una vulnerabilidad de escalada de privilegios local en Aruba ClearPass Policy Manager versiones anteriores a 6.9.5, 6.8.9, 6.7.14-HF1. Aruba ha publicado parches para Aruba ClearPass Policy Manager que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-009.txt •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-7120
https://notcve.org/view.php?id=CVE-2020-7120
23 Feb 2021 — A local authenticated buffer overflow vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in ClearPass OnGuard could allow local authenticated users to cause a buffer overflow condition. A successful exploit could allow a local attacker to execute arbitrary code within the context the binary is running in, which is a lower privileged account. Se detectó una vulnerabilidad de desbordamiento del búfer autenticado local en Aruba Clea... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-004.txt • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-26677
https://notcve.org/view.php?id=CVE-2021-26677
23 Feb 2021 — A local authenticated escalation of privilege vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in ClearPass OnGuard could allow local authenticated users on a Windows platform to elevate their privileges. A successful exploit could allow an attacker to execute arbitrary code with SYSTEM level privileges. Se detectó una vulnerabilidad de escalada de privilegios autenticada local en Aruba ClearPass Policy Manager versiones: Anter... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-004.txt •
CVSS: 9.0EPSS: 3%CPEs: 5EXPL: 0CVE-2021-26679
https://notcve.org/view.php?id=CVE-2021-26679
23 Feb 2021 — A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. Una vulnerabilidad de inyección de comando autentica... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-004.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 1%CPEs: 5EXPL: 0CVE-2021-26680
https://notcve.org/view.php?id=CVE-2021-26680
23 Feb 2021 — A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. Una vulnerabilidad de inyección de comando autentica... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-004.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •