CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-37884
https://notcve.org/view.php?id=CVE-2022-37884
20 Sep 2022 — A vulnerability exists in the ClearPass Policy Manager Guest User Interface that can allow an unauthenticated attacker to send specific operations which result in a Denial-of-Service condition. A successful exploitation of this vulnerability results in the unavailability of the guest interface in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address this security vulnerability. Se presenta una... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-013.txt •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-37881
https://notcve.org/view.php?id=CVE-2022-37881
20 Sep 2022 — Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address these security vulner... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-013.txt •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-37882
https://notcve.org/view.php?id=CVE-2022-37882
20 Sep 2022 — Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address these security vulner... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-013.txt •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-37883
https://notcve.org/view.php?id=CVE-2022-37883
20 Sep 2022 — Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address these security vulner... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-013.txt •
CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2022-23674
https://notcve.org/view.php?id=CVE-2022-23674
17 May 2022 — A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. Se ha detectado una vulnerabilidad de tipo cross-site scripting (xss) almacenado y autenticado de forma remota en Aruba ClearPass Policy Manager versiones 6.10.4 y anteriores, 6.9.9 y anteriores, 6.8.9-HF2 y an... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-007.txt • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-23675
https://notcve.org/view.php?id=CVE-2022-23675
17 May 2022 — A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. Se ha detectado una vulnerabilidad de cross-site scripting (xss) almacenada y autenticada de forma remota en Aruba ClearPass Policy Manager versiones 6.10.4 y siguientes, 6.9.9 y siguientes, 6.8.9-HF2 y siguien... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-007.txt • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 7EXPL: 0CVE-2022-23673
https://notcve.org/view.php?id=CVE-2022-23673
17 May 2022 — A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. Se ha detectado una vulnerabilidad de inyección de comandos remotos autenticados en Aruba ClearPass Policy Manager versiones 6.10.4 y anteriores, 6.9.9 y anteriores, 6.8.9-HF2 y anteriores, 6.7.x y anteriores. Aruba ha publica... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-007.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-23671
https://notcve.org/view.php?id=CVE-2022-23671
17 May 2022 — A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. Se ha detectado una vulnerabilidad de divulgación de información autenticada remota en Aruba ClearPass Policy Manager versiones 6.10.4 y anteriores, 6.9.9 y anteriores, 6.8.9-HF2 y anteriores, 6.7.x y anteriores. Aruba ha... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-007.txt •
CVSS: 9.0EPSS: 0%CPEs: 7EXPL: 0CVE-2022-23672
https://notcve.org/view.php?id=CVE-2022-23672
17 May 2022 — A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. Se ha detectado una vulnerabilidad de inyección de comandos remotos autenticados en Aruba ClearPass Policy Manager versiones 6.10.4 y anteriores, 6.9.9 y anteriores, 6.8.9-HF2 y anteriores, 6.7.x y anteriores. Aruba ha publica... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-007.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-23669
https://notcve.org/view.php?id=CVE-2022-23669
17 May 2022 — A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability. Se ha detectado una vulnerabilidad de omisión de autorización remota en Aruba ClearPass Policy Manager versiones 6.10.4 y anteriores, 6.9.9 y anteriores, 6.8.9-HF2 y anteriores, 6.7.x y anteriores. Aruba ha publicado actualizaciones de C... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-007.txt • CWE-613: Insufficient Session Expiration •