certfr_avis - certfr-2026-avi-0262

CERTFR-2026-AVI-0262

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans HPE Aruba Networking AOS-CX. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un contournement de la politique de sécurité.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
HPE Aruba Networking	AOS-CX	AOS-CX versions 10.16.x antérieures à 10.16.1030
HPE Aruba Networking	AOS-CX	AOS-CX versions10.17.x antérieures à 10.17.1001
HPE Aruba Networking	AOS-CX	AOS-CX versions 10.13.x antérieures à 10.13.1161
HPE Aruba Networking	AOS-CX	AOS-CX versions 10.10.x antérieures à 10.10.1180

References

Title

Publication Time

Tags

Bulletin de sécurité HPE Aruba Networking HPESBNW05027

2026-03-10

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "AOS-CX versions 10.16.x ant\u00e9rieures \u00e0 10.16.1030",
      "product": {
        "name": "AOS-CX",
        "vendor": {
          "name": "HPE Aruba Networking",
          "scada": false
        }
      }
    },
    {
      "description": "AOS-CX versions10.17.x  ant\u00e9rieures \u00e0 10.17.1001",
      "product": {
        "name": "AOS-CX",
        "vendor": {
          "name": "HPE Aruba Networking",
          "scada": false
        }
      }
    },
    {
      "description": "AOS-CX versions 10.13.x ant\u00e9rieures \u00e0 10.13.1161",
      "product": {
        "name": "AOS-CX",
        "vendor": {
          "name": "HPE Aruba Networking",
          "scada": false
        }
      }
    },
    {
      "description": "AOS-CX versions 10.10.x ant\u00e9rieures \u00e0 10.10.1180",
      "product": {
        "name": "AOS-CX",
        "vendor": {
          "name": "HPE Aruba Networking",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-23814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23814"
    },
    {
      "name": "CVE-2026-23813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23813"
    },
    {
      "name": "CVE-2026-23817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23817"
    },
    {
      "name": "CVE-2026-23816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23816"
    },
    {
      "name": "CVE-2026-23815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23815"
    }
  ],
  "initial_release_date": "2026-03-11T00:00:00",
  "last_revision_date": "2026-03-11T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0262",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-03-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans HPE Aruba Networking AOS-CX. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans HPE Aruba Networking AOS-CX",
  "vendor_advisories": [
    {
      "published_at": "2026-03-10",
      "title": "Bulletin de s\u00e9curit\u00e9 HPE Aruba Networking HPESBNW05027",
      "url": "https://csaf.arubanetworking.hpe.com/2026/hpe_aruba_networking_-_hpesbnw05027.txt"
    }
  ]
}

CVE-2026-23816 (GCVE-0-2026-23816)

Vulnerability from cvelistv5

Published

2026-03-11 03:13

Modified

2026-03-11 15:43

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.

References

URL

Tags

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US

Impacted products

	Vendor	Product	Version
	Hewlett Packard Enterprise (HPE)	AOS-CX	Version: 10.17.0000 ≤ 10.17.0001 Version: 10.16.0000 ≤ 10.16.1020 Version: 10.13.0000 ≤ 10.13.1101 Version: 10.10.0000 ≤ 10.10.1170

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-23816",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-11T15:43:24.113031Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-78",
                "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-11T15:43:49.752Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AOS-CX",
          "vendor": "Hewlett Packard Enterprise (HPE)",
          "versions": [
            {
              "lessThanOrEqual": "10.17.0001",
              "status": "affected",
              "version": "10.17.0000",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.16.1020",
              "status": "affected",
              "version": "10.16.0000",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.13.1101",
              "status": "affected",
              "version": "10.13.0000",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.10.1170",
              "status": "affected",
              "version": "10.10.0000",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "This vulnerability was discovered and reported by moonv through HPE Aruba Networking\u0027s Bug Bounty program."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.\u003c/p\u003e"
            }
          ],
          "value": "A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-11T03:13:25.324Z",
        "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "shortName": "hpe"
      },
      "references": [
        {
          "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us\u0026docLocale=en_US"
        }
      ],
      "source": {
        "advisory": "HPESBNW05027",
        "discovery": "INTERNAL"
      },
      "title": "Authenticated Command Injection found in admin AOS-CX CLI command",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
    "assignerShortName": "hpe",
    "cveId": "CVE-2026-23816",
    "datePublished": "2026-03-11T03:13:25.324Z",
    "dateReserved": "2026-01-16T15:22:38.202Z",
    "dateUpdated": "2026-03-11T15:43:49.752Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-23817 (GCVE-0-2026-23817)

Vulnerability from cvelistv5

Published

2026-03-11 03:14

Modified

2026-03-11 15:45

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Summary

A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthenticated remote attacker to redirect users to an arbitrary URL.

References

URL

Tags

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US

Impacted products

	Vendor	Product	Version
	Hewlett Packard Enterprise (HPE)	AOS-CX	Version: 10.17.0000 ≤ 10.17.0001 Version: 10.16.0000 ≤ 10.16.1020 Version: 10.13.0000 ≤ 10.13.1101 Version: 10.10.0000 ≤ 10.10.1170

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-23817",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-11T15:44:48.565263Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-601",
                "description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-11T15:45:06.318Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AOS-CX",
          "vendor": "Hewlett Packard Enterprise (HPE)",
          "versions": [
            {
              "lessThanOrEqual": "10.17.0001",
              "status": "affected",
              "version": "10.17.0000",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.16.1020",
              "status": "affected",
              "version": "10.16.0000",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.13.1101",
              "status": "affected",
              "version": "10.13.0000",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.10.1170",
              "status": "affected",
              "version": "10.10.0000",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "This vulnerability was discovered by Christopher Simmelink through HPE Aruba Networking\u2019s Bug Bounty program."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthenticated remote attacker to redirect users to an arbitrary URL.\u003c/p\u003e"
            }
          ],
          "value": "A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthenticated remote attacker to redirect users to an arbitrary URL."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-11T03:14:18.534Z",
        "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "shortName": "hpe"
      },
      "references": [
        {
          "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us\u0026docLocale=en_US"
        }
      ],
      "source": {
        "advisory": "HPESBNW05027",
        "discovery": "INTERNAL"
      },
      "title": "Unauthenticated Open Redirect allows URL Manipulation in Web Interface",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
    "assignerShortName": "hpe",
    "cveId": "CVE-2026-23817",
    "datePublished": "2026-03-11T03:14:18.534Z",
    "dateReserved": "2026-01-16T15:22:38.202Z",
    "dateUpdated": "2026-03-11T15:45:06.318Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-23814 (GCVE-0-2026-23814)

Vulnerability from cvelistv5

Published

2026-03-11 03:11

Modified

2026-03-12 13:26

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior.

References

URL

Tags

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US

Impacted products

	Vendor	Product	Version
	Hewlett Packard Enterprise (HPE)	AOS-CX	Version: 10.17.0000 ≤ 10.17.0001 Version: 10.16.0000 ≤ 10.16.1020 Version: 10.13.0000 ≤ 10.13.1101 Version: 10.10.0000 ≤ 10.10.1170

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-23814",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-12T03:55:20.504405Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-77",
                "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-12T13:26:04.244Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AOS-CX",
          "vendor": "Hewlett Packard Enterprise (HPE)",
          "versions": [
            {
              "lessThanOrEqual": "10.17.0001",
              "status": "affected",
              "version": "10.17.0000",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.16.1020",
              "status": "affected",
              "version": "10.16.0000",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.13.1101",
              "status": "affected",
              "version": "10.13.0000",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.10.1170",
              "status": "affected",
              "version": "10.10.0000",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "This vulnerability was discovered by the National Cybersecurity Agency of Italy (ACN)."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior.\u003c/p\u003e"
            }
          ],
          "value": "A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-11T03:11:34.003Z",
        "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "shortName": "hpe"
      },
      "references": [
        {
          "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us\u0026docLocale=en_US"
        }
      ],
      "source": {
        "advisory": "HPESBNW05027",
        "discovery": "EXTERNAL"
      },
      "title": "Authenticated Command Injection found in AOS-CX CLI Command",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
    "assignerShortName": "hpe",
    "cveId": "CVE-2026-23814",
    "datePublished": "2026-03-11T03:11:34.003Z",
    "dateReserved": "2026-01-16T15:22:38.202Z",
    "dateUpdated": "2026-03-12T13:26:04.244Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-23813 (GCVE-0-2026-23813)

Vulnerability from cvelistv5

Published

2026-03-11 03:08

Modified

2026-03-30 15:46

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability has been identified in the web-based management interface of AOS-CX switches that could potentially allow an unauthenticated remote actor to circumvent existing authentication controls. In some cases this could enable resetting the admin password.

References

URL

Tags

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US

Impacted products

	Vendor	Product	Version
	Hewlett Packard Enterprise (HPE)	AOS-CX	Version: 10.17.0000 ≤ 10.17.0001 Version: 10.16.0000 ≤ 10.16.1020 Version: 10.13.0000 ≤ 10.13.1160 Version: 10.10.0000 ≤ 10.10.1170

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-23813",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-11T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-287",
                "description": "CWE-287 Improper Authentication",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-12T03:55:20.757Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AOS-CX",
          "vendor": "Hewlett Packard Enterprise (HPE)",
          "versions": [
            {
              "lessThanOrEqual": "10.17.0001",
              "status": "affected",
              "version": "10.17.0000",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.16.1020",
              "status": "affected",
              "version": "10.16.0000",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.13.1160",
              "status": "affected",
              "version": "10.13.0000",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.10.1170",
              "status": "affected",
              "version": "10.10.0000",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "This vulnerability was discovered and reported by moonv through HPE Aruba Networking\u0027s Bug Bounty program."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA vulnerability has been identified in the web-based management interface of AOS-CX switches that could potentially allow an unauthenticated remote actor to circumvent existing authentication controls. In some cases this could enable resetting the admin password.\u003c/p\u003e"
            }
          ],
          "value": "A vulnerability has been identified in the web-based management interface of AOS-CX switches that could potentially allow an unauthenticated remote actor to circumvent existing authentication controls. In some cases this could enable resetting the admin password."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-30T15:46:11.068Z",
        "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "shortName": "hpe"
      },
      "references": [
        {
          "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us\u0026docLocale=en_US"
        }
      ],
      "source": {
        "advisory": "HPESBNW05027",
        "discovery": "INTERNAL"
      },
      "title": "Authentication Bypass in Web Interface allows Unauthenticated Admin Password Reset",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
    "assignerShortName": "hpe",
    "cveId": "CVE-2026-23813",
    "datePublished": "2026-03-11T03:08:43.421Z",
    "dateReserved": "2026-01-16T15:22:38.202Z",
    "dateUpdated": "2026-03-30T15:46:11.068Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-23815 (GCVE-0-2026-23815)

Vulnerability from cvelistv5

Published

2026-03-11 03:12

Modified

2026-03-12 03:55

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in a custom binary used in AOS-CX Switches' CLI could allow an authenticated remote attacker with high privileges to perform command injection. Successful exploitation could allow an attacker to execute unauthorized commands.

References

URL

Tags

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US

Impacted products

	Vendor	Product	Version
	Hewlett Packard Enterprise (HPE)	AOS-CX	Version: 10.17.0000 ≤ 10.17.0001 Version: 10.16.0000 ≤ 10.16.1020 Version: 10.13.0000 ≤ 10.13.1101 Version: 10.10.0000 ≤ 10.10.1170

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-23815",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-11T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-77",
                "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-12T03:55:19.327Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AOS-CX",
          "vendor": "Hewlett Packard Enterprise (HPE)",
          "versions": [
            {
              "lessThanOrEqual": "10.17.0001",
              "status": "affected",
              "version": "10.17.0000",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.16.1020",
              "status": "affected",
              "version": "10.16.0000",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.13.1101",
              "status": "affected",
              "version": "10.13.0000",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.10.1170",
              "status": "affected",
              "version": "10.10.0000",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "This vulnerability was discovered and reported by moonv through HPE Aruba Networking\u0027s Bug Bounty program."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA vulnerability in a custom binary used in AOS-CX Switches\u0027 CLI could allow an authenticated remote attacker with high privileges to perform command injection. Successful exploitation could allow an attacker to execute unauthorized commands.\u003c/p\u003e"
            }
          ],
          "value": "A vulnerability in a custom binary used in AOS-CX Switches\u0027 CLI could allow an authenticated remote attacker with high privileges to perform command injection. Successful exploitation could allow an attacker to execute unauthorized commands."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-11T03:15:26.981Z",
        "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "shortName": "hpe"
      },
      "references": [
        {
          "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us\u0026docLocale=en_US"
        }
      ],
      "source": {
        "advisory": "HPESBNW05027",
        "discovery": "INTERNAL"
      },
      "title": "Authenticated Command Injection found in AOS-CX Administrative CLI Command",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
    "assignerShortName": "hpe",
    "cveId": "CVE-2026-23815",
    "datePublished": "2026-03-11T03:12:29.772Z",
    "dateReserved": "2026-01-16T15:22:38.202Z",
    "dateUpdated": "2026-03-12T03:55:19.327Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CERTFR-2026-AVI-0262

Vulnerability from certfr_avis

Solutions

CVE-2026-23816 (GCVE-0-2026-23816)

Vulnerability from cvelistv5

CVE-2026-23817 (GCVE-0-2026-23817)

Vulnerability from cvelistv5

CVE-2026-23814 (GCVE-0-2026-23814)

Vulnerability from cvelistv5

CVE-2026-23813 (GCVE-0-2026-23813)

Vulnerability from cvelistv5

CVE-2026-23815 (GCVE-0-2026-23815)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature