Aruba Networks ClearPass Information Disclosure Vulnerability

Aruba Networks ClearPass Information Disclosure Vulnerability

CVE-2014-6621 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 does not disable the troubleshooting and diagnostics page in production systems, which allows remote attackers to obtain version numbers, module configuration, and other sensitive information by reading the page.

Learn more about our Network Penetration Testing.