cvedb.io
CVE-2018-7058
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2018-08-06T20:29:01.633 · Last modified 2026-06-17T02:02:36.180

Summary

Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by an authentication bypass vulnerability, an attacker can leverage this vulnerability to gain administrator privileges on the system. The vulnerability is exposed only on ClearPass web interfaces, including administrative, guest captive portal, and API. Customers who do not expose ClearPass web interfaces to untrusted users are impacted to a lesser extent.

Affected products

hp — aruba_clearpass_policy_manager

Does this affect you?

Add your gear to cvedb and we'll alert you only when hp ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.