PT-2022-16186 · Aruba · Aruba Clearpass Policy Manager
Published
2022-05-17
·
Updated
2022-09-02
·
CVE-2022-23675
CVSS v3.1
4.8
Medium
| Vector | AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Aruba ClearPass Policy Manager versions 6.10.4 and below
Aruba ClearPass Policy Manager versions 6.9.9 and below
Aruba ClearPass Policy Manager versions 6.8.9-HF2 and below
Aruba ClearPass Policy Manager versions 6.7.x and below
Description
A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager. Aruba has released updates to address this security issue.
Recommendations
For versions 6.10.4 and below, update to a version above 6.10.4.
For versions 6.9.9 and below, update to a version above 6.9.9.
For versions 6.8.9-HF2 and below, update to a version above 6.8.9-HF2.
For versions 6.7.x and below, update to a version above 6.7.x.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Aruba Clearpass Policy Manager