An authenticated SQL injection vulnerability in Aruba ClearPass Policy Manager can lead to privilege escalation. All versions of ClearPass are affected by multiple authenticated SQL injection vulnerabilities. In each case, an authenticated administrative user of any type could exploit this vulnerability to gain access to "appadmin" credentials, leading to complete cluster compromise. Resolution: Fixed in 6.7.6 and 6.6.10-hotfix.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: hpe
Published: 2018-12-07T21:00:00
Updated: 2024-08-05T06:17:17.414Z
Reserved: 2018-02-15T00:00:00
Link: CVE-2018-7065
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-12-07T21:29:01.187
Modified: 2024-11-21T04:11:35.497
Link: CVE-2018-7065
Redhat
No data.