CVE-2014-4031: Infoleak
First published: Tue Jul 15 2014(Updated: )
The Policy Manager in Aruba Networks ClearPass 5.x, 6.0.x, 6.1.x through 6.1.4.61696, 6.2.x through 6.2.6.62196, and 6.3.x before 6.3.4 allows remote authenticated users to obtain database credentials via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Aruba Networks ClearPass | =5.0.1 | |
| Aruba Networks ClearPass | =5.1 | |
| Aruba Networks ClearPass | =5.2 | |
| Aruba Networks ClearPass | =6.0.1 | |
| Aruba Networks ClearPass | =6.0.2 | |
| Aruba Networks ClearPass | =6.1 | |
| Aruba Networks ClearPass | =6.1.4.61696 | |
| Aruba Networks ClearPass | =6.2 | |
| Aruba Networks ClearPass | =6.2.6.62196 | |
| Aruba Networks ClearPass | =6.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-4031?
CVE-2014-4031 has a high severity rating due to its potential to allow unauthorized access to sensitive database credentials.
How do I fix CVE-2014-4031?
To fix CVE-2014-4031, upgrade Aruba Networks ClearPass to version 6.3.4 or later.
What versions of Aruba Networks ClearPass are affected by CVE-2014-4031?
CVE-2014-4031 affects Aruba Networks ClearPass versions 5.x, 6.0.x, 6.1.x through 6.1.4.61696, 6.2.x through 6.2.6.62196, and 6.3.x before 6.3.4.
Who is at risk due to CVE-2014-4031?
Remote authenticated users of the affected versions of Aruba Networks ClearPass are at risk of obtaining database credentials.
What impact does CVE-2014-4031 have on an organization?
CVE-2014-4031 can lead to significant data breaches by exposing sensitive database credentials to unauthorized users.
- agent/author
- agent/references
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/weakness
- agent/severity
- agent/description
- vendor/arubanetworks
- canonical/aruba networks clearpass
- version/aruba networks clearpass/5.0.1
- version/aruba networks clearpass/5.1
- version/aruba networks clearpass/5.2
- version/aruba networks clearpass/6.0.1
- version/aruba networks clearpass/6.0.2
- version/aruba networks clearpass/6.1
- version/aruba networks clearpass/6.1.4.61696
- version/aruba networks clearpass/6.2
- version/aruba networks clearpass/6.2.6.62196
- version/aruba networks clearpass/6.3