Aruba Networks ClearPass 6.4.5

CPE Details

Aruba Networks ClearPass 6.4.5
arubanetworks
clearpass
6.4.5
2020-10-01
14h22 +00:00
2020-10-01
14h22 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:arubanetworks:clearpass:6.4.5:*:*:*:*:*:*:*

Informations

Vendor

arubanetworks

Product

clearpass

Version

6.4.5

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2016-4401 2019-11-06 13h32 +00:00 Aruba ClearPass Policy Manager before 6.5.7 and 6.6.x before 6.6.2 allows attackers to obtain database credentials.
9.8
Critical
CVE-2015-3653 2017-08-29 13h00 +00:00 Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to write to arbitrary files within the underlying operating system and consequently cause a denial of service or gain privileges by leveraging incorrect permission checking.
7.2
High
CVE-2015-3654 2017-08-29 13h00 +00:00 Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to gain root privileges via unspecified vectors, a different vulnerability than CVE-2015-4649.
7.2
High
CVE-2015-3655 2017-08-29 13h00 +00:00 Cross-site request forgery (CSRF) vulnerability in Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to hijack the authentication of administrators by leveraging improper enforcement of the anti-CSRF token.
8.8
High
CVE-2015-3656 2017-08-29 13h00 +00:00 Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated lower-level administrators to gain privileges by leveraging failure to properly enforce authorization checks.
7.2
High
CVE-2015-3657 2017-08-29 13h00 +00:00 Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated lower-level administrators to gain "Super Admin" privileges via unspecified vectors.
7.2
High
CVE-2015-4649 2017-08-29 13h00 +00:00 Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to gain root privileges via unspecified vectors, a different vulnerability than CVE-2015-3654.
7.2
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.