Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27108 of 28407

CVE-2015-3655

Posted by Cyberthreat Blog | Aug 29, 2017 | CVE Notifications |

Cross-site request forgery (CSRF) vulnerability in Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to hijack the authentication of administrators by leveraging improper...

CVE-2015-3656

Posted by Cyberthreat Blog | Aug 29, 2017 | CVE Notifications |

Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated lower-level administrators to gain privileges by leveraging failure to properly enforce authorization checks.

CVE-2015-3657

Posted by Cyberthreat Blog | Aug 29, 2017 | CVE Notifications |

Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated lower-level administrators to gain “Super Admin” privileges via unspecified vectors.

CVE-2015-4649

Posted by Cyberthreat Blog | Aug 29, 2017 | CVE Notifications |

Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to gain root privileges via unspecified vectors, a different vulnerability than CVE-2015-3654.

CVE-2015-5209

Posted by Cyberthreat Blog | Aug 29, 2017 | CVE Notifications |

Apache Struts 2.x before 2.3.24.1 allows remote attackers to manipulate Struts internals, alter user sessions, or affect container settings via vectors involving a top object.

Author: Cyberthreat Blog

CVE-2015-3655

CVE-2015-3656

CVE-2015-3657

CVE-2015-4649

CVE-2015-5209