CVE-2021-26678
N/A
N/A
Summary
A remote unauthenticated stored cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web-based management interface of ClearPass could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim’s browser in the context of the affected interface.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Aruba ClearPass Policy Manager | Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1 | affected |
Weaknesses
- Remote Unauthenticated Stored Cross-Site Scripting (XSS) in ClearPass Web Administration Interface
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.