|
196191
|
7.8 |
HIGH
Local
|
arubanetworks
|
clearpass_policy_manager
|
A local authenticated escalation of privilege vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in ClearPass OnGuard co…
|
NVD-CWE-noinfo
|
CVE-2021-26677
|
2024-11-21 14:56 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196192
|
5.3 |
MEDIUM
Network
|
rangerstudio
|
directus
|
In Directus 8.x through 8.8.1, an attacker can learn sensitive information such as the version of the CMS, the PHP version used by the site, and the name of the DBMS, simply by view the result of the…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2021-26595
|
2024-11-21 14:56 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196193
|
8.8 |
HIGH
Network
|
rangerstudio
|
directus
|
In Directus 8.x through 8.8.1, an attacker can switch to the administrator role (via the PATCH method) without any control by the back end. NOTE: This vulnerability only affects products that are no …
|
CWE-269
Improper Privilege Management
|
CVE-2021-26594
|
2024-11-21 14:56 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196194
|
7.5 |
HIGH
Network
|
rangerstudio
|
directus
|
In Directus 8.x through 8.8.1, an attacker can see all users in the CMS using the API /users/{id}. For each call, they get in response a lot of information about the user (such as email address, firs…
|
CWE-200
Information Exposure
|
CVE-2021-26593
|
2024-11-21 14:56 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196195
|
6.5 |
MEDIUM
Network
|
arubanetworks
|
clearpass_policy_manager
|
A remote authenticated SQL Injection vulnerabilitiy was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web-based management int…
|
CWE-89
SQL Injection
|
CVE-2021-26686
|
2024-11-21 14:56 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196196
|
7.2 |
HIGH
Network
|
arubanetworks
|
clearpass_policy_manager
|
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based m…
|
CWE-78
OS Command
|
CVE-2021-26684
|
2024-11-21 14:56 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196197
|
7.2 |
HIGH
Network
|
arubanetworks
|
clearpass_policy_manager
|
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based m…
|
CWE-78
OS Command
|
CVE-2021-26683
|
2024-11-21 14:56 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196198
|
6.1 |
MEDIUM
Network
|
arubanetworks
|
clearpass_policy_manager
|
A remote reflected cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the guest portal int…
|
CWE-79
Cross-site Scripting
|
CVE-2021-26682
|
2024-11-21 14:56 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196199
|
7.2 |
HIGH
Network
|
arubanetworks
|
clearpass_policy_manager
|
A remote authenticated command Injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass CLI could a…
|
CWE-78
OS Command
|
CVE-2021-26681
|
2024-11-21 14:56 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196200
|
6.1 |
MEDIUM
Network
|
arubanetworks
|
clearpass_policy_manager
|
A remote unauthenticated stored cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web…
|
CWE-79
Cross-site Scripting
|
CVE-2021-26678
|
2024-11-21 14:56 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
