Описание
Aruba ClearPass 6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1 is vulnerable to CSRF attacks against authenticated users. An attacker could manipulate an authenticated user into performing actions on the web administrative interface.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 6.6.0 (включая) до 6.6.9 (исключая)Версия от 6.7.0 (включая) до 6.7.1 (исключая)
Одно из
cpe:2.3:a:arubanetworks:clearpass:*:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass:*:*:*:*:*:*:*:*
EPSS
Процентиль: 38%
0.00168
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Aruba ClearPass 6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1 is vulnerable to CSRF attacks against authenticated users. An attacker could manipulate an authenticated user into performing actions on the web administrative interface.
EPSS
Процентиль: 38%
0.00168
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352