CVE-2014-6626

Published: Nov 19, 2014Modified: May 6, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 does not properly restrict access to unspecified administrative functions, which allows remote attackers to bypass authentication and execute administrative actions via unknown vectors.

Affected (2)

Products: Arubanetworks: Clearpass

Arubanetworks

1 product

Clearpass

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Arubanetworks Clearpass	Up to 6.3.4
Arubanetworks Clearpass	Version 6.4.0

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (4)

http://secunia.com/advisories/61916

Source: cve@mitre.org

http://www.arubanetworks.com/support/alerts/aid-10282014.txt

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/61916

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.arubanetworks.com/support/alerts/aid-10282014.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.