exploitDog

CVE-2014-6621

Опубликовано: 19 нояб. 2014

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 does not disable the troubleshooting and diagnostics page in production systems, which allows remote attackers to obtain version numbers, module configuration, and other sensitive information by reading the page.

Ссылки

http://secunia.com/advisories/61916
http://www.arubanetworks.com/support/alerts/aid-10282014.txt
Vendor Advisory
http://secunia.com/advisories/61916
http://www.arubanetworks.com/support/alerts/aid-10282014.txt
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:arubanetworks:clearpass:*:*:*:*:*:*:*:*

Версия до 6.3.4 (включая)

cpe:2.3:a:arubanetworks:clearpass:6.4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.0025

Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-79mv-89pw-gp4r

github

больше 3 лет назад

Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 does not disable the troubleshooting and diagnostics page in production systems, which allows remote attackers to obtain version numbers, module configuration, and other sensitive information by reading the page.

EPSS

Процентиль: 48%

0.0025

Низкий

5 Medium

CVSS2

Дефекты

CWE-200