CVE-2026-23814

Summary

A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior.

Affected Software

VendorProductVersion RangeStatus
Hewlett Packard Enterprise (HPE)AOS-CX10.17.0000 <= 10.17.0001affected
Hewlett Packard Enterprise (HPE)AOS-CX10.16.0000 <= 10.16.1020affected
Hewlett Packard Enterprise (HPE)AOS-CX10.13.0000 <= 10.13.1101affected
Hewlett Packard Enterprise (HPE)AOS-CX10.10.0000 <= 10.10.1170affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References