Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-7058

EPSS 0.80% · P74
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-7058

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by an authentication bypass vulnerability, an attacker can leverage this vulnerability to gain administrator privileges on the system. The vulnerability is exposed only on ClearPass web interfaces, including administrative, guest captive portal, and API. Customers who do not expose ClearPass web interfaces to untrusted users are impacted to a lesser extent.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Aruba ClearPass 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Aruba ClearPass是美国安移通网络(Aruba Networks)公司的一套集成了网络控制功能、应用和设备管理功能的接入管理系统。该系统可在单一位置管理与BYOD(自带设备)相关的各种事宜。 Aruba ClearPass 6.6.9之前的6.6.x版本中的ClearPass web界面存在安全漏洞。攻击者可利用该漏洞获取管理员权限。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Hewlett Packard EnterpriseAruba ClearPass 6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1 -

II. Public POCs for CVE-2018-7058

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2018-7058

登录查看更多情报信息。

Same Patch Batch · Hewlett Packard Enterprise · 2018-08-06 · 38 CVEs total

CVE-2018-7071HPE Network Function Virtualization Director 安全漏洞
CVE-2017-8992HPE CentralView Fraud Risk Management 权限许可和访问控制问题漏洞
CVE-2017-9000Aruba ArubaOS 安全漏洞
CVE-2017-9001Aruba ClearPass 安全漏洞
CVE-2017-9002Aruba ClearPass 跨站脚本漏洞
CVE-2017-9003Aruba ArubaOS 安全漏洞
CVE-2018-7060Aruba ClearPass 跨站请求伪造漏洞
CVE-2018-7068HPE CentralView Fraud Risk Management 安全漏洞
CVE-2018-7069HPE CentralView Fraud Risk Management 安全漏洞
CVE-2018-7070HPE CentralView Fraud Risk Management 安全漏洞
CVE-2017-8991HPE CentralView Fraud Risk Management 跨站脚本漏洞
CVE-2018-7072HPE Moonshot Provisioning Manager 安全漏洞
CVE-2018-7073HPE Moonshot Provisioning Manager 安全漏洞
CVE-2018-7074HPE Intelligent Management Center PLAT 安全漏洞
CVE-2018-7075HPE Intelligent Management Center PLAT 跨站脚本漏洞
CVE-2018-7078HPE Integrated Lights-Out 4和Integrated Lights-Out 5 安全漏洞
CVE-2018-7090HPE XP P9000 Command View Advanced Edition Software DevMgr、TSMgr和RepMgr 跨站脚本漏洞
CVE-2018-7091HPE XP P9000 Command View Advanced Edition Software DevMgr、TSMgr和RepMgr 安全漏洞
CVE-2018-7092HPE Intelligent Management Center PLAT 安全漏洞
CVE-2016-4405HPE Business Service Management 安全漏洞

Showing top 20 of 38 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Aruba ClearPass
Same vendor: Hewlett Packard Enterprise

V. Comments for CVE-2018-7058

No comments yet

Leave a comment