Clearpass Policy Manager

4 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-25039 MEDIUM This Month

A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager (CPPM) allows remote authenticated users to run arbitrary commands on the underlying host. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2025-23060 MEDIUM This Month

A vulnerability in HPE Aruba Networking ClearPass Policy Manager may, under certain circumstances, expose sensitive unencrypted information. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Aruba Authentication Bypass Clearpass Policy Manager
NVD
CVSS 3.1
6.6
EPSS
0.1%
CVE-2025-23059 MEDIUM This Month

A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager exposes directories containing sensitive information. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Aruba Path Traversal Clearpass Policy Manager
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2025-23058 HIGH This Week

A vulnerability in the ClearPass Policy Manager web-based management interface allows a low-privileged (read-only) authenticated remote attacker to gain unauthorized access to data and the ability to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Clearpass Policy Manager
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-25039
EPSS 0% CVSS 4.7
MEDIUM This Month

A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager (CPPM) allows remote authenticated users to run arbitrary commands on the underlying host. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
CVE-2025-23060
EPSS 0% CVSS 6.6
MEDIUM This Month

A vulnerability in HPE Aruba Networking ClearPass Policy Manager may, under certain circumstances, expose sensitive unencrypted information. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Aruba Authentication Bypass Clearpass Policy Manager
NVD
CVE-2025-23059
EPSS 0% CVSS 6.8
MEDIUM This Month

A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager exposes directories containing sensitive information. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Aruba Path Traversal +1
NVD
CVE-2025-23058
EPSS 0% CVSS 8.8
HIGH This Week

A vulnerability in the ClearPass Policy Manager web-based management interface allows a low-privileged (read-only) authenticated remote attacker to gain unauthorized access to data and the ability to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Clearpass Policy Manager
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy