Hp Aruba Clearpass Policy Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Hp Aruba Clearpass Policy Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2017-5824 — CVSS 9.8 (critical): An unauthenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.
CVE-2018-7058 — CVSS 9.8 (critical): Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by an authentication bypass vulnerability, an attacker can leverage this…
CVE-2017-5826 — CVSS 8.8 (high): An authenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.
CVE-2018-7059 — CVSS 8.8 (high): Aruba ClearPass prior to 6.6.9 has a vulnerability in the API that helps to coordinate cluster actions. An authenticated user with the…
CVE-2017-5825 — CVSS 8.8 (high): A privilege escalation vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.
CVE-2017-9001 — CVSS 8.1 (high): Aruba ClearPass 6.6.3 and later includes a feature called "SSH Lockout", which causes ClearPass to lock accounts with too many login…
CVE-2017-5828 — CVSS 8.1 (high): An arbitrary command execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.
CVE-2017-5829 — CVSS 7.8 (high): An access restriction bypass vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.
CVE-2018-5390 — CVSS 7.5 (high): Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every…
CVE-2017-9002 — CVSS 6.1 (medium): All versions of Aruba ClearPass prior to 6.6.8 contain reflected cross-site scripting vulnerabilities. By exploiting this vulnerability, an…
CVE-2017-5827 — CVSS 5.4 (medium): A reflected cross site scripting vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.