Clearpass Policy Manager
CVEs (150)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-25589 | 0.00 | — | 0.01 | Mar 14, 2023 | A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an unauthenticated remote attacker to create arbitrary users on the platform. A successful exploit allows an attacker to achieve total cluster compromise. | |||
| CVE-2022-43540 | 0.00 | — | 0.00 | Jan 3, 2023 | A vulnerability exists in the ClearPass OnGuard macOS agent that allows for an attacker with local macOS instance access to potentially obtain sensitive information. A successful exploit could allow an attacker to retrieve information that is of a sensitive nature in Aruba… | |||
| CVE-2022-43539 | 0.00 | — | 0.00 | Jan 3, 2023 | A vulnerability exists in the ClearPass Policy Manager cluster communications that allow for an attacker in a privileged network position to potentially obtain sensitive information. A successful exploit could allow an attacker to retrieve information that allows for… | |||
| CVE-2022-43538 | 0.00 | — | 0.01 | Jan 3, 2023 | Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploits could allow an attacker to execute arbitrary commands as root on the underlying operating system… | |||
| CVE-2022-43537 | 0.00 | — | 0.01 | Jan 3, 2023 | Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploits could allow an attacker to execute arbitrary commands as root on the underlying operating system… | |||
| CVE-2022-43536 | 0.00 | — | 0.01 | Jan 3, 2023 | Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploits could allow an attacker to execute arbitrary commands as root on the underlying operating system… | |||
| CVE-2022-43535 | 0.00 | — | 0.00 | Jan 3, 2023 | A vulnerability in the ClearPass OnGuard Windows agent could allow malicious users on a Windows instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with NT AUTHORITY\SYSTEM level privileges on the Windows instance in… | |||
| CVE-2022-43534 | 0.00 | — | 0.00 | Jan 3, 2023 | A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the Linux instance in Aruba ClearPass… | |||
| CVE-2022-43533 | 0.00 | — | 0.00 | Jan 3, 2023 | A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the macOS instance in Aruba ClearPass… | |||
| CVE-2022-43532 | 0.00 | — | 0.00 | Jan 3, 2023 | A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to… | |||
| CVE-2022-43531 | 0.00 | — | 0.01 | Jan 3, 2023 | Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify… | |||
| CVE-2022-43530 | 0.00 | — | 0.01 | Jan 3, 2023 | Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify… | |||
| CVE-2022-23685 | 0.00 | — | 0.00 | Sep 20, 2022 | A vulnerability in the ClearPass Policy Manager web-based management interface exists which exposes some endpoints to a lack of Cross-Site Request Forgery (CSRF) protection. This could allow a remote unauthenticated attacker to execute arbitrary input against these endpoints if… | |||
| CVE-2022-23692 | 0.00 | — | 0.01 | Sep 20, 2022 | Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify… | |||
| CVE-2022-23693 | 0.00 | — | 0.01 | Sep 20, 2022 | Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify… | |||
| CVE-2022-23695 | 0.00 | — | 0.01 | Sep 20, 2022 | Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify… | |||
| CVE-2022-23694 | 0.00 | — | 0.01 | Sep 20, 2022 | Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify… | |||
| CVE-2022-23696 | 0.00 | — | 0.01 | Sep 20, 2022 | Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify… | |||
| CVE-2022-37877 | 0.00 | — | 0.00 | Sep 20, 2022 | A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the macOS instance in Aruba ClearPass… | |||
| CVE-2022-37880 | 0.00 | — | 0.01 | Sep 20, 2022 | Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system… |
- CVE-2023-25589Mar 14, 2023risk 0.00cvss —epss 0.01
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an unauthenticated remote attacker to create arbitrary users on the platform. A successful exploit allows an attacker to achieve total cluster compromise.
- CVE-2022-43540Jan 3, 2023risk 0.00cvss —epss 0.00
A vulnerability exists in the ClearPass OnGuard macOS agent that allows for an attacker with local macOS instance access to potentially obtain sensitive information. A successful exploit could allow an attacker to retrieve information that is of a sensitive nature in Aruba…
- CVE-2022-43539Jan 3, 2023risk 0.00cvss —epss 0.00
A vulnerability exists in the ClearPass Policy Manager cluster communications that allow for an attacker in a privileged network position to potentially obtain sensitive information. A successful exploit could allow an attacker to retrieve information that allows for…
- CVE-2022-43538Jan 3, 2023risk 0.00cvss —epss 0.01
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploits could allow an attacker to execute arbitrary commands as root on the underlying operating system…
- CVE-2022-43537Jan 3, 2023risk 0.00cvss —epss 0.01
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploits could allow an attacker to execute arbitrary commands as root on the underlying operating system…
- CVE-2022-43536Jan 3, 2023risk 0.00cvss —epss 0.01
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploits could allow an attacker to execute arbitrary commands as root on the underlying operating system…
- CVE-2022-43535Jan 3, 2023risk 0.00cvss —epss 0.00
A vulnerability in the ClearPass OnGuard Windows agent could allow malicious users on a Windows instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with NT AUTHORITY\SYSTEM level privileges on the Windows instance in…
- CVE-2022-43534Jan 3, 2023risk 0.00cvss —epss 0.00
A vulnerability in the ClearPass OnGuard Linux agent could allow malicious users on a Linux instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the Linux instance in Aruba ClearPass…
- CVE-2022-43533Jan 3, 2023risk 0.00cvss —epss 0.00
A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the macOS instance in Aruba ClearPass…
- CVE-2022-43532Jan 3, 2023risk 0.00cvss —epss 0.00
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to…
- CVE-2022-43531Jan 3, 2023risk 0.00cvss —epss 0.01
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify…
- CVE-2022-43530Jan 3, 2023risk 0.00cvss —epss 0.01
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify…
- CVE-2022-23685Sep 20, 2022risk 0.00cvss —epss 0.00
A vulnerability in the ClearPass Policy Manager web-based management interface exists which exposes some endpoints to a lack of Cross-Site Request Forgery (CSRF) protection. This could allow a remote unauthenticated attacker to execute arbitrary input against these endpoints if…
- CVE-2022-23692Sep 20, 2022risk 0.00cvss —epss 0.01
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify…
- CVE-2022-23693Sep 20, 2022risk 0.00cvss —epss 0.01
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify…
- CVE-2022-23695Sep 20, 2022risk 0.00cvss —epss 0.01
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify…
- CVE-2022-23694Sep 20, 2022risk 0.00cvss —epss 0.01
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify…
- CVE-2022-23696Sep 20, 2022risk 0.00cvss —epss 0.01
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify…
- CVE-2022-37877Sep 20, 2022risk 0.00cvss —epss 0.00
A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the macOS instance in Aruba ClearPass…
- CVE-2022-37880Sep 20, 2022risk 0.00cvss —epss 0.01
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system…
Page 3 of 8