VYPR
Unrated severityNVD Advisory· Published Jan 3, 2023· Updated Apr 10, 2025

CVE-2022-43531

CVE-2022-43531

Description

Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underlying database potentially leading to complete compromise of the ClearPass Policy Manager cluster in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x: 6.10.7 and below and ClearPass Policy Manager 6.9.x: 6.9.12 and below.

Affected products

2
  • Range: <=6.10.7 or <=6.9.12
  • Hewlett Packard Enterprise (HPE)/Aruba ClearPass Policy Managerv5
    Range: ClearPass Policy Manager 6.10.x: 6.10.7 and below, ClearPass Policy Manager 6.9.x: 6.9.12 and below

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.