cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-25039,https://securityvulnerability.io/vulnerability/CVE-2025-25039,Command Injection Vulnerability in HPE Aruba Networking Product,"A vulnerability exists in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager (CPPM) that enables remote authenticated users to execute arbitrary commands on the underlying host system. Successful exploitation of this flaw allows attackers to perform unwanted actions as a lower privileged user, potentially compromising the system and its data.",HP (HP),HP Aruba Networking Clearpass Policy Manager,4.7,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T18:13:23.132Z,0
CVE-2025-23060,https://securityvulnerability.io/vulnerability/CVE-2025-23060,Sensitive Data Exposure in HPE Aruba Networking ClearPass Policy Manager,"The HPE Aruba Networking ClearPass Policy Manager has a vulnerability that may allow sensitive unencrypted information to be exposed in specific scenarios. This security flaw could enable an attacker to launch a man-in-the-middle attack, which poses a risk of unauthorized access to network resources and facilitates data tampering activities, compromising overall network integrity.",HP (HP),HP Aruba Networking Clearpass Policy Manager,6.6,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T18:11:41.371Z,0
CVE-2025-23059,https://securityvulnerability.io/vulnerability/CVE-2025-23059,Sensitive Data Exposure in HPE Aruba Networking ClearPass Policy Manager,"A vulnerability exists in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager, allowing authenticated remote attackers with high privileges to access directories containing sensitive information. Successful exploitation of this vulnerability could lead to the unauthorized retrieval of sensitive data, potentially compromising the system's integrity and security.",HP (HP),HP Aruba Networking Clearpass Policy Manager,6.8,MEDIUM,0.01,false,,false,false,false,,false,false,false,,2025-02-04T18:10:21.793Z,0
CVE-2025-23058,https://securityvulnerability.io/vulnerability/CVE-2025-23058,Privilege Escalation Vulnerability in ClearPass Policy Manager by HPE,"A critical vulnerability in the ClearPass Policy Manager web-based management interface permits low-privileged authenticated users to exploit unauthorized access. This allows such users to execute functions typically restricted to administrators, including the ability to alter settings and access sensitive data. The successful exploitation of this vulnerability could lead to an escalation of privileges, compromising the security of the system.",HP (HP),HP Aruba Networking Clearpass Policy Manager,8.8,HIGH,0.01,false,,false,false,false,,false,false,false,,2025-02-04T18:07:56.711Z,0
CVE-2024-26302,https://securityvulnerability.io/vulnerability/CVE-2024-26302,Remote Access to Sensitive Information via ClearPass Policy Manager Web Interface,"A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with low privileges to access sensitive information. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further access to network services supported by ClearPass Policy Manager.

",HP,Aruba Clearpass Policy Manager,4.8,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-27T22:11:37.929Z,0
CVE-2024-26301,https://securityvulnerability.io/vulnerability/CVE-2024-26301,Remote Access to Sensitive Information via ClearPass Policy Manager Web Interface,"A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with low privileges to access sensitive information. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further access to network services supported by ClearPass Policy Manager.

",HP,Aruba Clearpass Policy Manager,6.5,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-02-27T22:10:54.804Z,0
CVE-2024-26300,https://securityvulnerability.io/vulnerability/CVE-2024-26300,ClearPass Policy Manager Vulnerability Could Lead to Stored XSS Attacks,"A vulnerability in the guest interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.

",HP,Aruba Clearpass Policy Manager,6.6,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-27T22:06:49.616Z,0
CVE-2024-26299,https://securityvulnerability.io/vulnerability/CVE-2024-26299,ClearPass Policy Manager Vulnerability Could Lead to Stored XSS Attacks,"A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.

",HP,Aruba Clearpass Policy Manager,6.6,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-27T22:05:37.624Z,0
CVE-2024-26298,https://securityvulnerability.io/vulnerability/CVE-2024-26298,Remote Code Execution Vulnerability in ClearPass Policy Manager Could Lead to Complete System Compromise,"The ClearPass Policy Manager by Aruba Networks has a vulnerability in its web-based management interface that allows remote authenticated users to execute arbitrary commands on the underlying host. This exposure can lead to full system compromise as the attacker may execute commands with root privileges, potentially endangering sensitive data and operations. Organizations utilizing affected versions of ClearPass should apply security updates promptly to mitigate risks associated with this vulnerability.",HP,Aruba Clearpass Policy Manager,7.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-27T22:04:58.511Z,0
CVE-2024-26297,https://securityvulnerability.io/vulnerability/CVE-2024-26297,Remote Code Execution Vulnerability in ClearPass Policy Manager Could Lead to Complete System Compromise,"The vulnerability allows remote authenticated users to exploit the ClearPass Policy Manager's web-based management interface, enabling them to execute arbitrary commands on the underlying host. This serious flaw provides an opportunity for attackers to execute commands with root privileges, potentially leading to full system takeover. Organizations using affected versions of ClearPass Policy Manager are urged to update to secure their systems against this critical exploitation vector.",HP,Aruba Clearpass Policy Manager,7.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-27T22:03:55.507Z,0
CVE-2024-26296,https://securityvulnerability.io/vulnerability/CVE-2024-26296,Remote Code Execution Vulnerability in ClearPass Policy Manager Could Lead to Complete System Compromise,"A vulnerability exists in the ClearPass Policy Manager's web-based management interface, enabling remote authenticated users to execute arbitrary commands on the underlying host system. If exploited, this flaw could result in full system compromise as attackers may gain root-level access to the operating system. Organizations using ClearPass Policy Manager should prioritize addressing this vulnerability to safeguard their systems from potential exploits.",HP,Aruba Clearpass Policy Manager,7.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-27T21:57:24.846Z,0
CVE-2024-26295,https://securityvulnerability.io/vulnerability/CVE-2024-26295,Remote Code Execution Vulnerability in ClearPass Policy Manager Could Lead to Complete System Compromise,"The ClearPass Policy Manager by Aruba Networks is susceptible to vulnerabilities within its web-based management interface. This flaw allows remote authenticated users the ability to execute arbitrary commands on the underlying host system. If successfully exploited, this vulnerability can lead to complete system compromise as an attacker gains root-level access to the operating system. Organizations using affected versions should assess their security measures and apply any necessary updates to mitigate risks associated with this vulnerability.",HP,Aruba Clearpass Policy Manager,7.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-27T21:56:22.295Z,0
CVE-2024-26294,https://securityvulnerability.io/vulnerability/CVE-2024-26294,Remote Code Execution Vulnerability in ClearPass Policy Manager Could Lead to Complete System Compromise,"A vulnerability exists in the ClearPass Policy Manager web-based management interface that permits remote authenticated users to execute arbitrary commands on the underlying operating system. This security flaw could potentially enable an attacker to gain root access, thereby compromising the entire system. Organizations utilizing this product must prioritize patching and monitoring systems to mitigate risks associated with unauthorized command execution.",HP,Aruba Clearpass Policy Manager,7.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-27T21:54:21.857Z,0
CVE-2023-43510,https://securityvulnerability.io/vulnerability/CVE-2023-43510,Authenticated Remote Command Injection in ClearPass Policy Manager Web-Based Management Interface Leading to Partial System Compromise,A vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a non-privileged user on the underlying operating system leading to partial system compromise.,HP,Aruba Clearpass Policy Manager,4.7,MEDIUM,0.0009399999980814755,false,,false,false,false,,,false,false,,2023-10-25T18:17:00.000Z,0
CVE-2023-43509,https://securityvulnerability.io/vulnerability/CVE-2023-43509,Unauthenticated Endpoint Allows Sending Arbitrary OnGuard Notifications,A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an unauthenticated remote attacker to send notifications to computers that are running ClearPass OnGuard. These notifications can then be used to phish users or trick them into downloading malicious software.,HP,Aruba Clearpass Policy Manager,5.8,MEDIUM,0.0008999999845400453,false,,false,false,false,,,false,false,,2023-10-25T18:17:00.000Z,0
CVE-2023-43508,https://securityvulnerability.io/vulnerability/CVE-2023-43508,Authorization Bypass Leading to Privilege Escalation in ClearPass Policy Manager Web-Based Management Interface,Vulnerabilities in the web-based management interface of ClearPass Policy Manager allow an attacker with read-only privileges to perform actions that change the state of the ClearPass Policy Manager instance. Successful exploitation of these vulnerabilities allow an attacker to complete state-changing actions in the web-based management interface that should not be allowed by their current level of authorization on the platform.,HP,Aruba Clearpass Policy Manager,6.3,MEDIUM,0.0005300000193528831,false,,false,false,false,,,false,false,,2023-10-25T18:17:00.000Z,0
CVE-2023-43507,https://securityvulnerability.io/vulnerability/CVE-2023-43507,Authenticated SQL Injection Vulnerability in ClearPass Policy Manager Web-based Management Interface,"A vulnerability within the web-based management interface of ClearPass Policy Manager allows authenticated remote attackers to perform SQL injection attacks. By exploiting this flaw, attackers can gain unauthorized access to sensitive data stored in the underlying database, potentially leading to a full compromise of the ClearPass Policy Manager cluster. Vigilant security measures should be implemented to protect against such exploits to ensure the integrity and confidentiality of sensitive information.",HP,Aruba Clearpass Policy Manager,7.2,HIGH,0.0008699999889358878,false,,false,false,false,,,false,false,,2023-10-25T18:17:00.000Z,0
CVE-2023-43506,https://securityvulnerability.io/vulnerability/CVE-2023-43506,Local Privilege Escalation in ClearPass OnGuard Linux Agent,"A vulnerability in the ClearPass OnGuard Linux agent enables attackers with local access to escalate their privileges. This flaw permits malicious users to run arbitrary code with root-level permissions, potentially compromising the entire Linux instance.",HP,Aruba Clearpass Policy Manager,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-10-25T18:17:00.000Z,0
CVE-2023-25596,https://securityvulnerability.io/vulnerability/CVE-2023-25596,Authenticated Sensitive Information Disclosure in ClearPass Policy Manager," A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further access to network services supported by ClearPass Policy Manager.",HP,Aruba ClearPass Policy Manager,4.9,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2023-03-22T06:15:00.000Z,0
CVE-2023-25589,https://securityvulnerability.io/vulnerability/CVE-2023-25589,Unauthenticated Arbitrary User Creation Leads to Complete System Compromise,"A vulnerability in the web-based management interface of ClearPass Policy Manager can be exploited by an unauthenticated remote attacker, enabling them to create arbitrary user accounts on the platform. This exploit permits attackers to gain unauthorized access and potentially compromise the entire cluster, raising significant security concerns for network integrity.",HP,Aruba ClearPass Policy Manager,9.8,CRITICAL,0.003019999945536256,false,,false,false,false,,,false,false,,2023-03-22T06:15:00.000Z,0
CVE-2023-25595,https://securityvulnerability.io/vulnerability/CVE-2023-25595,Sensitive Information Disclosure in ClearPass OnGuard Ubuntu Agent," A vulnerability exists in the ClearPass OnGuard Ubuntu agent that allows for an attacker with local Ubuntu instance access to potentially obtain sensitive information. Successful Exploitation of this vulnerability allows an attacker to retrieve information that is of a sensitive nature to the ClearPass/OnGuard environment.",HP,Aruba ClearPass Policy Manager,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-03-22T06:15:00.000Z,0
CVE-2023-25594,https://securityvulnerability.io/vulnerability/CVE-2023-25594,Authorization Bypass Leading to Privilege Escalation in ClearPass Policy Manager Web-Based Management Interface,"A security flaw exists in the web-based management interface of ClearPass Policy Manager from Aruba Networks, enabling an attacker with only read-only privileges to perform state-altering actions. This vulnerability compromises the integrity of access controls, allowing unauthorized users to manipulate the instance's state, which poses significant risks to the system’s overall security.",HP,Aruba ClearPass Policy Manager,8.8,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2023-03-22T06:15:00.000Z,0
CVE-2023-25592,https://securityvulnerability.io/vulnerability/CVE-2023-25592,Reflected Cross Site Scripting Vulnerabilities (XSS) in ClearPass Policy Manager Web-Based Management Interface,Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.,HP,Aruba ClearPass Policy Manager,6.1,MEDIUM,0.0010400000028312206,false,,false,false,false,,,false,false,,2023-03-22T06:15:00.000Z,0
CVE-2023-25593,https://securityvulnerability.io/vulnerability/CVE-2023-25593,Reflected Cross Site Scripting Vulnerabilities (XSS) in ClearPass Policy Manager Web-Based Management Interface,Vulnerabilities within the web-based management interface of ClearPass Policy Manager could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.,HP,Aruba ClearPass Policy Manager,6.1,MEDIUM,0.0010400000028312206,false,,false,false,false,,,false,false,,2023-03-22T06:15:00.000Z,0
CVE-2023-25591,https://securityvulnerability.io/vulnerability/CVE-2023-25591,Authenticated Information Disclosure in ClearPass Policy Manager Web-Based Management Interface,A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with low privileges to access sensitive information. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further privileges on the ClearPass instance.,HP,Aruba ClearPass Policy Manager,6.5,MEDIUM,0.0010600000387057662,false,,false,false,false,,,false,false,,2023-03-22T06:15:00.000Z,0