CVE-2020-7111
First published: Thu Apr 16 2020(Updated: )
A server side injection vulnerability exists which could allow an authenticated administrative user to achieve Remote Code Execution in ClearPass. Resolution: Fixed in 6.7.13, 6.8.4, 6.9.0 and higher.
Credit: security-alert@hpe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Arubanetworks Clearpass | >=6.7.0<6.7.13 | |
| Arubanetworks Clearpass | >=6.8.0<6.8.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-7111?
CVE-2020-7111 is a server side injection vulnerability in ClearPass that allows an authenticated administrative user to achieve Remote Code Execution.
How severe is CVE-2020-7111?
CVE-2020-7111 has a severity score of 7.2, which is considered high.
Which versions of ClearPass are affected by CVE-2020-7111?
ClearPass versions 6.7.0 to 6.7.13 and 6.8.0 to 6.8.4 are affected by CVE-2020-7111.
How can CVE-2020-7111 be fixed?
CVE-2020-7111 can be fixed by updating ClearPass to version 6.7.13, 6.8.4, 6.9.0, or higher.
Where can I find more information about CVE-2020-7111?
More information about CVE-2020-7111 can be found at the following link: [Aruba Networks Security Advisory](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-004.txt)
- collector/nvd-index
- vendor/arubanetworks
- canonical/arubanetworks clearpass
- version/arubanetworks clearpass/6.7.0
- version/arubanetworks clearpass/6.8.0