CVE-2014-6627

Aruba Networks ClearPass before 6.3.5 and 6.4.x before 6.4.1 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2014-5342.

CVSS v2.0 9.0 HIGH

9.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 8.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/61916
http://www.arubanetworks.com/support/alerts/aid-10282014.txt	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:arubanetworks:clearpass::::::::
	cpe:2.3:a:arubanetworks:clearpass:6.4.0:::::::*

History

No history.

Information

Published : 2014-11-19 18:59

Updated : 2014-11-19 19:30

NVD link : CVE-2014-6627

Mitre link : CVE-2014-6627

CVE.ORG link : CVE-2014-6627

JSON object : View

Products Affected

arubanetworks

clearpass

CWE

CWE-284

Improper Access Control

9.0 /10