Описание
A vulnerability was found when an attacker, while communicating with the ClearPass management interface, is able to intercept and change parameters in the HTTP packets resulting in the compromise of some of ClearPass' service accounts. Resolution: Fixed in 6.7.10, 6.8.1, 6.9.0 and higher.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 6.7.0 (включая) до 6.7.13 (исключая)Версия от 6.8.0 (включая) до 6.8.4 (исключая)
Одно из
cpe:2.3:a:arubanetworks:clearpass:*:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:clearpass:*:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.00367
Низкий
4.9 Medium
CVSS3
4 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
github
больше 3 лет назад
A vulnerability was found when an attacker, while communicating with the ClearPass management interface, is able to intercept and change parameters in the HTTP packets resulting in the compromise of some of ClearPass' service accounts. Resolution: Fixed in 6.7.10, 6.8.1, 6.9.0 and higher.
EPSS
Процентиль: 58%
0.00367
Низкий
4.9 Medium
CVSS3
4 Medium
CVSS2
Дефекты
NVD-CWE-noinfo