CVE-2020-7113

EPSS 0.37%
Published 16.04.2020 19:15:34
Last modified 21.11.2024 05:36:39
Source security-alert@hpe.com
Teams watchlist Login
Open Login

A vulnerability was found when an attacker, while communicating with the ClearPass management interface, is able to intercept and change parameters in the HTTP packets resulting in the compromise of some of ClearPass' service accounts. Resolution: Fixed in 6.7.10, 6.8.1, 6.9.0 and higher.

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Arubanetworks ≫ Clearpass Version >= 6.7.0 < 6.7.13

Arubanetworks ≫ Clearpass Version >= 6.8.0 < 6.8.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.37%	0.578

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.9	1.2	3.6	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	4	8	2.9	AV:N/AC:L/Au:S/C:P/I:N/A:N

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-004.txt

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-7113

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-7113

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-7113

EUVD