ClearPass Management Interface HTTP Packet Parameter Interception Vulnerability

ClearPass Management Interface HTTP Packet Parameter Interception Vulnerability

CVE-2020-7113 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

A vulnerability was found when an attacker, while communicating with the ClearPass management interface, is able to intercept and change parameters in the HTTP packets resulting in the compromise of some of ClearPass' service accounts. Resolution: Fixed in 6.7.10, 6.8.1, 6.9.0 and higher.

Learn more about our Web Application Penetration Testing UK.