CVE-2021-37737

Name of the Vulnerable Software and Affected Versions: Aruba ClearPass Policy Manager versions 6.10.x prior to 6.10.2 Aruba ClearPass Policy Manager versions 6.9.x prior to 6.9.7-HF1 Aruba ClearPass Policy Manager versions 6.8.x prior to 6.8.9-HF1

Description: A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager. The issue allows for SQL injection attacks. Aruba has released patches to address this security issue.

Recommendations: For versions 6.10.x prior to 6.10.2, update to version 6.10.2 or later. For versions 6.9.x prior to 6.9.7-HF1, update to version 6.9.7-HF1 or later. For versions 6.8.x prior to 6.8.9-HF1, update to version 6.8.9-HF1 or later.