Published on: Not Yet Published
Last Modified on: 01/23/2023 01:55:00 PM UTC
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underlying database potentially leading to complete compromise of the ClearPass Policy Manager cluster in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address these security vulnerabilities.
- CVE-2022-23694 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 8.8 - HIGH
| www.arubanetworks.com |
Known Affected Configurations (CPE V2.3)
|Application||Arubanetworks||Clearpass Policy Manager||All||All||All||All|
|@CVEreport||CVE-2022-23694 : Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an a… twitter.com/i/web/status/1…||2022-09-20 21:03:56|