CVE-2014-8367

Name of the Vulnerable Software and Affected Versions Aruba Networks ClearPass Policy Manager versions 6.2.x through 6.3.5 Aruba Networks ClearPass Policy Manager versions 6.4.x through 6.4.1

Description A SQL injection issue allows remote attackers to execute arbitrary SQL commands.

Recommendations For Aruba Networks ClearPass Policy Manager versions 6.2.x through 6.3.5, update to version 6.3.6 or later. For Aruba Networks ClearPass Policy Manager versions 6.4.x through 6.4.1, update to version 6.4.2 or later.