A remote insecure deserialization vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability.

References

• https://nvd.nist.gov/vuln/detail/CVE-2021-29150
• https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-012.txt