Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by an authentication bypass vulnerability, an attacker can leverage this vulnerability to gain administrator privileges on the system. The vulnerability is exposed only on ClearPass web interfaces, including administrative, guest captive portal, and API. Customers who do not expose ClearPass web interfaces to untrusted users are impacted to a lesser extent.

Related CVEs

CVE-2018-7058

Key Information

GHSA ID

GHSA-269j-j2cg-h6qp

Published

May 14, 2022 2:20 AM

Last Modified

May 14, 2022 2:20 AM

CVSS Score

9.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 3, 2025 6:14 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.