CVE-2020-7113

Published: Apr 16, 2020Modified: Nov 21, 2024

4.9

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.2 / Impact: 3.6

Source: NVD

Description

A vulnerability was found when an attacker, while communicating with the ClearPass management interface, is able to intercept and change parameters in the HTTP packets resulting in the compromise of some of ClearPass' service accounts. Resolution: Fixed in 6.7.10, 6.8.1, 6.9.0 and higher.

Affected (2)

Products: Arubanetworks: Clearpass

Arubanetworks

1 product

Clearpass

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Arubanetworks Clearpass	From 6.7.0 to 6.7.13
Arubanetworks Clearpass	From 6.8.0 to 6.8.4

References (2)

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-004.txt

Source: security-alert@hpe.com

Vendor Advisory

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-004.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.