A remote authenticated server-side request forgery (ssrf) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manage that address this security vulnerability.
References
Link | Resource |
---|---|
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-007.txt | Vendor Advisory |
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-007.txt | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 06:49
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-007.txt - Vendor Advisory |
25 May 2022, 17:10
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.8.9:hotfix1:*:*:*:*:*:* cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.8.9:-:*:*:*:*:*:* cpe:2.3:a:arubanetworks:clearpass_policy_manager:6.8.9:hotfix2:*:*:*:*:*:* cpe:2.3:a:arubanetworks:clearpass_policy_manager:*:*:*:*:*:*:*:* |
|
References | (MISC) https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-007.txt - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 4.9 |
CWE | CWE-918 |
16 May 2022, 21:59
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-05-16 21:15
Updated : 2024-11-21 06:49
NVD link : CVE-2022-23668
Mitre link : CVE-2022-23668
CVE.ORG link : CVE-2022-23668
JSON object : View
Products Affected
arubanetworks
- clearpass_policy_manager
CWE
CWE-918
Server-Side Request Forgery (SSRF)