HPE Aruba Networking ClearPass Policy Manager Sensitive Data Exposure Vulnerability

Vulnerability

A vulnerability exists in HPE Aruba Networking ClearPass Policy Manager (CPPM) versions 6.12.3 and below in the 6.12.x branch, as well as versions 6.11.9 and below in the 6.11.x branch. This vulnerability may, under certain circumstances, expose sensitive unencrypted information. Exploitation could allow an attacker to conduct a man-in-the-middle attack, potentially leading to unauthorized access to network resources and data tampering.

Impact

Successful exploitation of this vulnerability could result in the exposure of sensitive unencrypted information, allowing for unauthorized access to network resources and the ability to tamper with data.

Remediation

Users can upgrade to HPE Aruba Networking ClearPass Policy Manager version 6.12.4 or above in the 6.12.x branch, or version 6.11.10 or above in the 6.11.x branch. For general hardening against security threats, consult the HPE Aruba Networking ClearPass Policy Manager Hardening Guide.
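The version boundaries above can be checked across an inventory with a short script. This is an added example, not HPE's or the page's own code; the hostnames and the inventory format are constructed assumptions, and branches the advisory does not mention are reported as "not-covered" rather than guessed. Versions are compared numerically because a plain string comparison would rank 6.11.10 below 6.11.9.

```python
import re

# Fixed release per branch, taken from the advisory text above.
FIXED = {(6, 12): (6, 12, 4), (6, 11): (6, 11, 10)}


def parse_version(text):
    """Extract (major, minor, patch) as integers from a version string."""
    match = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not match:
        raise ValueError(f"no major.minor.patch version found in {text!r}")
    return tuple(int(part) for part in match.groups())


def classify(text):
    """Return 'affected', 'fixed', or 'not-covered' for one version string."""
    version = parse_version(text)
    fixed = FIXED.get(version[:2])
    if fixed is None:
        # The advisory only speaks about the 6.12.x and 6.11.x branches.
        return "not-covered"
    # Tuple comparison is numeric per component: (6, 11, 9) < (6, 11, 10).
    return "affected" if version < fixed else "fixed"


def triage(inventory):
    """Map each host in {host: version_string} to its classification."""
    return {host: classify(version) for host, version in inventory.items()}


# Constructed sample inventory (hypothetical hostnames and versions).
SAMPLE_INVENTORY = {
    "cppm-pub-01": "6.11.9",
    "cppm-sub-01": "6.11.10",
    "cppm-sub-02": "6.12.3",
    "cppm-lab-01": "6.12.4",
    "cppm-old-01": "6.10.8",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:12} {SAMPLE_INVENTORY[host]:8} {status}")
```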

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 2.6
impact: 5.0
exploitability: 5.6
remediation: 8.3
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.