It is possible for an unauthenticated user with network access to a ClearPass server to expose database credentials.
This vulnerability leads to complete system compromise.
Severity: CRITICAL
CVSSv3 Overall Score: 9.8
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Discovery: This vulnerability was discovered by [email protected] and reported through the BugCrowd managed bug bounty program.
Fix: Fixed in 6.5.7 and 6.6.2
Bounty: $1,500