CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-29144
https://notcve.org/view.php?id=CVE-2021-29144
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability. Se detectó una vulnerabilidad de divulgación de información confidencial remota en Aruba ClearPass Policy Manager versiones anteriores a 6.9.5, 6.8.9, 6.7.14-HF1. Aruba ha publicado parches para Aruba ClearPass Policy Manager que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-009.txt •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-29145
https://notcve.org/view.php?id=CVE-2021-29145
A remote server side request forgery (SSRF) remote code execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability. Se detectó una vulnerabilidad de Ejecución de Código Remota de tipo server side request forgery (SSRF) en Aruba ClearPass Policy Manager versiones anteriores a 6.9.5, 6.8.9, 6.7.14-HF1. Aruba ha publicado parches para Aruba ClearPass Policy Manager que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-009.txt • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2021-29146
https://notcve.org/view.php?id=CVE-2021-29146
A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability. Se detectó una vulnerabilidad de tipo cross-site scripting (XSS) en Aruba ClearPass Policy Manager versiones anteriores a 6.9.5, 6.8.9, 6.7.14-HF1. Aruba ha publicado parches para Aruba ClearPass Policy Manager que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-009.txt • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-29137
https://notcve.org/view.php?id=CVE-2021-29137
A remote URL redirection vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability. Se detectó una vulnerabilidad de redireccionamiento abierto de una URL remota en Aruba AirWave Management Platform versiones anteriores a 8.2.12.1. Aruba ha publicado parches para AirWave Management Platform que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-010.txt • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2021-25167
https://notcve.org/view.php?id=CVE-2021-25167
A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability. Se detectó una vulnerabilidad de acceso remoto no autorizado en Aruba AirWave Management Platform versiones anteriores a 8.2.12.1. Aruba ha publicado parches para AirWave Management Platform que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-010.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •