CVE-2020-7113

Summary

A vulnerability was found when an attacker, while communicating with the ClearPass management interface, is able to intercept and change parameters in the HTTP packets resulting in the compromise of some of ClearPass' service accounts. Resolution: Fixed in 6.7.10, 6.8.1, 6.9.0 and higher.

Affected Software

VendorProductVersion RangeStatus
n/aClearPass Policy ManagerClearPass 6.8.x prior to 6.8.5 ClearPass 6.7.x prior to 6.7.13affected

Weaknesses

  • interception and modification of http packets

ADP Enrichment

CVE Program Container

Additional References

References