Aruba Update
2496Warning Date
Severity Level
Warning Number
Target Sector
13 October, 2021
● Critical
2021-3666
All
Description:
Aruba has released security update to address multiple vulnerabilities in the following product:
- ClearPass Policy Manager
- 6.10.x prior to 6.10.2
- 6.9.x prior to 6.9.7-HF1
- 6.8.x prior to 6.8.9-HF1
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Information disclose
- Remote authentication bypass
- SQL Injection
- Command injection
Best practice and Recommendations:
The CERT team encourages users to review Aruba security advisory and apply the necessary update: