Authenticated SQL Injection Vulnerability in ClearPass Policy Manager Web-based Management Interface

A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit this vulnerability to obtain and modify sensitive information in the underlying database potentially leading to complete compromise of the ClearPass Policy Manager cluster.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

N/A

Hewlett Packard Enterprise ClearPass Policy Manager 安全漏洞

Hewlett Packard Enterprise ClearPass Policy Manager是美国慧与科技（Hewlett Packard Enterprise）公司的一个无线网络安全接入管理系统。 Hewlett Packard Enterprise ClearPass Policy Manager存在安全漏洞，该漏洞源于允许经过身份验证的远程攻击者进行SQL注入攻击。

N/A

N/A