VYPR

Clearpass Policy Manager

by Arubanetworks

CVEs (150)

  • CVE-2025-23059Feb 4, 2025
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager exposes directories containing sensitive information. If exploited successfully, this vulnerability allows an authenticated remote attacker with high privileges to access and…

  • CVE-2025-23058Feb 4, 2025
    risk 0.00cvss epss 0.01

    A vulnerability in the ClearPass Policy Manager web-based management interface allows a low-privileged (read-only) authenticated remote attacker to gain unauthorized access to data and the ability to execute functions that should be restricted to administrators only with…

  • CVE-2024-53672Dec 3, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploit could allow an attacker to execute arbitrary commands as a lower privileged user on the…

  • CVE-2024-26301Feb 27, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with low privileges to access sensitive information. A successful exploit allows an attacker to retrieve information which could be used to potentially…

  • CVE-2024-26300Feb 27, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the guest interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary…

  • CVE-2024-26299Feb 27, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to…

  • CVE-2024-26298Feb 27, 2024
    risk 0.00cvss epss 0.01

    Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system…

  • CVE-2024-26297Feb 27, 2024
    risk 0.00cvss epss 0.01

    Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system…

  • CVE-2024-26296Feb 27, 2024
    risk 0.00cvss epss 0.01

    Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system…

  • CVE-2024-26295Feb 27, 2024
    risk 0.00cvss epss 0.01

    Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system…

  • CVE-2024-26294Feb 27, 2024
    risk 0.00cvss epss 0.01

    Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system…

  • CVE-2023-43510Oct 24, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a non-privileged user on the…

  • CVE-2023-43509Oct 24, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an unauthenticated remote attacker to send notifications to computers that are running ClearPass OnGuard. These notifications can then be used to phish users or trick them into…

  • CVE-2023-43508Oct 24, 2023
    risk 0.00cvss epss 0.00

    Vulnerabilities in the web-based management interface of ClearPass Policy Manager allow an attacker with read-only privileges to perform actions that change the state of the ClearPass Policy Manager instance. Successful exploitation of these vulnerabilities allow an attacker…

  • CVE-2023-43507Oct 24, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit this vulnerability to obtain and modify…

  • CVE-2023-25596Mar 14, 2023
    risk 0.00cvss epss 0.00

    A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format. A successful exploit allows an attacker to retrieve information which could be used to potentially gain…

  • CVE-2023-25594Mar 14, 2023
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of ClearPass Policy Manager allows an attacker with read-only privileges to perform actions that change the state of the ClearPass Policy Manager instance. Successful exploitation of this vulnerability allows an attacker…

  • CVE-2023-25593Mar 14, 2023
    risk 0.00cvss epss 0.00

    Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit allows an attacker to execute arbitrary script code…

  • CVE-2023-25592Mar 14, 2023
    risk 0.00cvss epss 0.00

    Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit allows an attacker to execute arbitrary script code…

  • CVE-2023-25591Mar 14, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with low privileges to access sensitive information. A successful exploit allows an attacker to retrieve information which could be used to potentially…

Page 2 of 8