
[CIVN-2026-0137] Multiple Vulnerabilities in HPE Aruba Networking AOS-CX
Indian – Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: HIGH
Software Affected
AOS-CX 10.17.xxxx: 10.17.0001 and below
AOS-CX 10.16.xxxx: 10.16.1020 and below
AOS-CX 10.13.xxxx: 10.13.1160 and below
AOS-CX 10.10.xxxx: 10.10.1170 and below
Overview
Multiple vulnerabilities have been reported in HPE Aruba Networking AOS-CX which could allow an attacker to bypass authentication, execute arbitrary commands, perform command injection and conduct open redirect attacks on the targeted systems.
Target Audience:
All organizations and individuals using HPE Aruba Networking AOS-CX.
Risk Assessment:
High risk of arbitrary command execution, authentication bypass and command injection.
Impact Assessment:
Potential for unauthorized administrative access, execution of malicious commands and compromise of the confidentiality, integrity, and availability of the network infrastructure.
Description
HPE Aruba Networking AOS-CX is the network operating system used in Aruba CX series switches designed for enterprise campus and data center networks.
1. Unauthenticated Admin Password Reset (CVE-2026-23813)
A vulnerability exists in the HPE ArubaOS (AOS) web-based management interface of AOS-CX that allows an unauthenticated attacker to bypass authentication and reset the admin password. Successful exploitation of this vulnerability could allow unauthorized administrative access and full compromise of the device.
2. Command Injection in AOS-CX CLI (CVE-2026-23814, CVE-2026-23815, CVE-2026-23816)
These vulnerabilities exist in the HPE ArubaOS (AOS) due to improper input validation in certain CLI components of AOS-CX. An attacker could exploit these vulnerabilities by injecting malicious commands or sending specially crafted commands to the vulnerable system. Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary commands on the targeted system.
3. Open Redirect Vulnerability (CVE-2026-23817)
A vulnerability exists in the HPE ArubaOS (AOS) web-based management interface of AOS-CX due to improper validation of user-supplied redirection URLs. An attacker could exploit this vulnerability by using a specially crafted URL on the targeted system. Successful exploitation of this vulnerability could allow the attacker to redirect users to malicious websites and facilitate phishing.
Solution
Apply appropriate updates as mentioned:
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US
Vendor Information
HPE
https://www.hpe.com/us/en/networking/hpe-aruba-networking.html
References
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US
CVE Name
CVE-2026-23813
CVE-2026-23814
CVE-2026-23815
CVE-2026-23816
CVE-2026-23817
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax : 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003


