PT-2021-18110 · Aruba · Aruba Clearpass Policy Manager
Published
2021-04-29
·
Updated
2021-05-07
·
CVE-2021-29146
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
Aruba ClearPass Policy Manager versions prior to 6.9.5
Aruba ClearPass Policy Manager versions prior to 6.8.9
Aruba ClearPass Policy Manager versions prior to 6.7.14-HF1
Description:
A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager. This issue allows for the execution of malicious scripts on the client-side, potentially leading to unauthorized access or data theft. Aruba has released patches to address this security issue.
Recommendations:
For versions prior to 6.9.5, update to version 6.9.5 or later to resolve the issue.
For versions prior to 6.8.9, update to version 6.8.9 or later to resolve the issue.
For versions prior to 6.7.14-HF1, update to version 6.7.14-HF1 or later to resolve the issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Aruba Clearpass Policy Manager