CVE-2026-23817

Summary

A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthenticated remote attacker to redirect users to an arbitrary URL.

Affected Software

VendorProductVersion RangeStatus
Hewlett Packard Enterprise (HPE)AOS-CX10.17.0000 <= 10.17.0001affected
Hewlett Packard Enterprise (HPE)AOS-CX10.16.0000 <= 10.16.1020affected
Hewlett Packard Enterprise (HPE)AOS-CX10.13.0000 <= 10.13.1101affected
Hewlett Packard Enterprise (HPE)AOS-CX10.10.0000 <= 10.10.1170affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References