Clearpass policy manager
This hub aggregates every CVE we track for Clearpass policy manager, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
137
CVEs tracked
21
Critical
72
High
1
In CISA KEV
Severity distribution
HIGH72MEDIUM43CRITICAL21LOW1
Monthly trend
3
0
0
0
0
4
0
4
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Clearpass policy manager.
- CVE-2025-25039Authenticated Remote Command Injection in HPE Aruba Networking ClearPass Policy Manager Web-Based Management Interface4.7
- CVE-2025-23060Sensitive Data Exposure Vulnerability in HPE Aruba Networking ClearPass Policy Manager (CPPM)6.6
- CVE-2025-23059Sensitive Information Disclosure in HPE Aruba Networking ClearPass Policy Manager6.8
- CVE-2025-23058Authenticated Broken Access Control Vulnerability in ClearPass Policy Manager Web-Based Management Interface8.8
- CVE-2024-53672Authenticated Remote Command Injection in HPE Aruba Networking ClearPass Policy Manager Web-Based Management Interface4.7
- CVE-2024-51773Authenticated Stored Cross-Site Scripting (XSS) in HPE Aruba Networking ClearPass Policy Manager Web-based Management Interface4.8
- CVE-2024-51772Authenticated Deserialization Vulnerability in ClearPass Policy Manager Web-Based Management Interface Leading to a Remote Command Execution (RCE)6.4
- CVE-2024-51771Authenticated Remote Code Execution (RCE) via OGNL Injection in HPE Aruba Networking ClearPass Web-Based Management Interface7.2
- CVE-2024-41916Authenticated Sensitive Information Disclosure in ClearPass Policy Manager6.8
- CVE-2024-41915Authenticated SQL Injection Vulnerability in ClearPass Policy Manager Web-based Management Interface7.2
- CVE-2024-5486Authenticated Sensitive Information Disclosure in ClearPass Policy Manager5.8
- CVE-2024-26302A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with low privileges to access sensitive information. A successful explo...4.8
- CVE-2024-26301A vulnerability in the web-based management interface of ClearPass Policy Manager could allow a remote attacker authenticated with low privileges to access sensitive information. A successful explo...6.5
- CVE-2024-26300A vulnerability in the guest interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user ...6.6
- CVE-2024-26299A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an admin...6.6
Product normalization is registry-driven with AI assist and human review. How it works