CVE-2020-7113
First published: Thu Apr 16 2020(Updated: )
A vulnerability was found when an attacker, while communicating with the ClearPass management interface, is able to intercept and change parameters in the HTTP packets resulting in the compromise of some of ClearPass' service accounts. Resolution: Fixed in 6.7.10, 6.8.1, 6.9.0 and higher.
Credit: security-alert@hpe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Arubanetworks Clearpass | >=6.7.0<6.7.13 | |
| Arubanetworks Clearpass | >=6.8.0<6.8.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-7113?
CVE-2020-7113 is a vulnerability that allows an attacker to intercept and change parameters in the HTTP packets while communicating with the ClearPass management interface, compromising ClearPass' service accounts.
How severe is CVE-2020-7113?
CVE-2020-7113 has a severity rating of 4.9 (medium).
Which software versions of ClearPass are affected by CVE-2020-7113?
ClearPass versions 6.7.0 to 6.7.13 and versions 6.8.0 to 6.8.4 are affected by CVE-2020-7113.
How can I fix CVE-2020-7113?
To fix CVE-2020-7113, upgrade to ClearPass versions 6.7.10, 6.8.1, 6.9.0, or higher.
Where can I find more information about CVE-2020-7113?
More information about CVE-2020-7113 can be found at the following link: [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-004.txt)
- collector/nvd-index
- agent/references
- vendor/arubanetworks
- canonical/arubanetworks clearpass
- version/arubanetworks clearpass/6.7.0
- version/arubanetworks clearpass/6.8.0