CVE-2021-26685 – A remote authenticated SQL Injection vulnerabilitiy was discovered in Aruba ClearPass Poli …

23 February 2021

Vuln ID: CVE-2021-26685

Published: 2021-02-23 17:15:13Z

Description: A remote authenticated SQL Injection vulnerabilitiy was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web-based management interface API of ClearPass could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass instance. An attacker could exploit this vulnerability to obtain and modify sensitive information in the underlying database.

Source: NVD.NIST.GOV

Date:

23 February 2021

Categorie(s):

NVD

Tag(s):

NVD

FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor18 April 2024
Ransomware attack compromises UN agency data18 April 2024
3.5 million Omni Hotel guest details held to ransom by Daixin Team18 April 2024
Palo Alto ZeroDay Exploited in The Wild Following PoC Release18 April 2024
Axellio’s Scott Aken Calls for Changes to Network Traffic Monitoring Amid TLS 1.3 Implementation18 April 2024