High severity8.8NVD Advisory· Published Aug 29, 2017· Updated Jun 17, 2026
CVE-2015-3655
CVE-2015-3655
Description
Cross-site request forgery (CSRF) vulnerability in Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to hijack the authentication of administrators by leveraging improper enforcement of the anti-CSRF token.
Affected products
2- Range: <6.4.7, <6.5.2
Patches
Vulnerability mechanics
References
2- www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-009.txtnvdVendor Advisory
- www.securityfocus.com/bid/100594nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.