Security Vulnerabilities, CVEs, Published In November 2014 (Bypass) CVSS score >= 7
CVE-2014-8424
Public exploit
ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers to bypass authentication.
Max CVSS
7.8
EPSS Score
87.93%
Published
2014-11-28
Updated
2014-11-28
Aruba Networks ClearPass before 6.3.5 and 6.4.x before 6.4.1 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2014-5342.
Max CVSS
9.0
EPSS Score
0.22%
Published
2014-11-19
Updated
2014-11-19
Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 does not properly restrict access to unspecified administrative functions, which allows remote attackers to bypass authentication and execute administrative actions via unknown vectors.
Max CVSS
10.0
EPSS Score
0.53%
Published
2014-11-19
Updated
2014-11-19
The Policy Manager in Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows remote authenticated users to gain privileges via unspecified vectors.
Max CVSS
9.0
EPSS Score
0.23%
Published
2014-11-19
Updated
2014-11-19
The web server on the AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to bypass authentication and modify settings via a direct request to an unspecified URL.
Max CVSS
7.5
EPSS Score
0.71%
Published
2014-11-05
Updated
2014-11-05
5 vulnerabilities found