It is possible for an unauthenticated user with network access to a ClearPass server to expose database credentials.
This vulnerability leads to complete system compromise. Severity: CRITICAL CVSSv3 Overall Score: 9.8 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Discovery: This vulnerability was discovered by [email protected] and reported through the BugCrowd managed bug bounty
program. FIX: Fixed in 6.5.7 and 6.6.2 Bounty: $1,500