CVE-2025-23053

Summary

A privilege escalation vulnerability exists in the web-based management interface of HPE Aruba Networking Fabric Composer. Successful exploitation could allow an authenticated low privilege operator user to change the state of certain settings of a vulnerable system.

Affected Software

VendorProductVersion RangeStatus
Hewlett Packard Enterprise (HPE)HPE Aruba Networking Fabric Composer (AFC)7.0.0 <= 7.1.0affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References