漏洞标题
N/A
漏洞描述信息
在Aruba ClearPass Policy Manager版本(s):6.9.5之前,6.8.8-HF1,6.7.14-HF1。ClearPass的基于Web的管理接口API的一个漏洞可能导致 authenticated 的远程攻击者对ClearPass实例进行SQL注入攻击。攻击者可以利用此漏洞获取并修改底层数据库中的敏感信息。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
A remote authenticated SQL Injection vulnerabilitiy was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web-based management interface API of ClearPass could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass instance. An attacker could exploit this vulnerability to obtain and modify sensitive information in the underlying database.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Aruba ClearPass Policy Manager SQL注入漏洞
漏洞描述信息
Aruba ClearPass Policy Manager是美国Aruba公司的一个应用系统提供无线网络安全接入管理系统 Aruba ClearPass Policy Manager Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1 存在SQL注入漏洞,该漏洞允许经过身份验证的远程攻击者可利用该漏洞对ClearPass实例进行SQL注入攻击。
CVSS信息
N/A
漏洞类别
SQL注入