PT-2021-23040 · Aruba · Aruba Clearpass Policy Manager
Published
2021-10-15
·
Updated
2021-10-21
·
CVE-2021-40993
CVSS v3.1
8.1
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Aruba ClearPass Policy Manager versions 6.10.x prior to 6.10.2
Aruba ClearPass Policy Manager versions 6.9.x prior to 6.9.7-HF1
Aruba ClearPass Policy Manager versions 6.8.x prior to 6.8.9-HF1
Description
A remote SQL injection issue was discovered. Aruba has released patches to address this security issue.
Recommendations
For versions 6.10.x prior to 6.10.2, update to version 6.10.2 or later.
For versions 6.9.x prior to 6.9.7-HF1, update to version 6.9.7-HF1 or later.
For versions 6.8.x prior to 6.8.9-HF1, update to version 6.8.9-HF1 or later.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Aruba Clearpass Policy Manager