{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23813", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "state": "PUBLISHED", "assignerShortName": "hpe", "dateReserved": "2026-01-16T15:22:38.202Z", "datePublished": "2026-03-11T03:08:43.421Z", "dateUpdated": "2026-03-30T15:46:11.068Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2026-03-30T15:46:11.068Z"}, "title": "Authentication Bypass in Web Interface allows Unauthenticated Admin Password Reset", "affected": [{"vendor": "Hewlett Packard Enterprise (HPE)", "product": "AOS-CX", "versions": [{"status": "affected", "version": "10.17.0000", "lessThanOrEqual": "10.17.0001", "versionType": "semver"}, {"status": "affected", "version": "10.16.0000", "lessThanOrEqual": "10.16.1020", "versionType": "semver"}, {"status": "affected", "version": "10.13.0000", "lessThanOrEqual": "10.13.1160", "versionType": "semver"}, {"status": "affected", "version": "10.10.0000", "lessThanOrEqual": "10.10.1170", "versionType": "semver"}], "defaultStatus": "affected"}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in the web-based management interface of AOS-CX switches that could potentially allow an unauthenticated remote actor to circumvent existing authentication controls. In some cases this could enable resetting the admin password.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>A vulnerability has been identified in the web-based management interface of AOS-CX switches that could potentially allow an unauthenticated remote actor to circumvent existing authentication controls. In some cases this could enable resetting the admin password.</p>"}]}], "references": [{"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "CRITICAL", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}], "credits": [{"lang": "en", "value": "This vulnerability was discovered and reported by moonv through HPE Aruba Networking's Bug Bounty program.", "type": "reporter"}], "source": {"advisory": "HPESBNW05027", "discovery": "INTERNAL"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-287", "lang": "en", "description": "CWE-287 Improper Authentication"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-11T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-23813"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T03:55:20.757Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-23813", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-11T13:32:39.308631Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-287", "description": "CWE-287 Improper Authentication"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T13:32:31.454Z"}}], "cna": {"title": "Authentication Bypass in Web Interface allows Unauthenticated Admin Password Reset", "source": {"advisory": "HPESBNW05027", "discovery": "INTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "value": "This vulnerability was discovered and reported by moonv through HPE Aruba Networking's Bug Bounty program."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Hewlett Packard Enterprise (HPE)", "product": "AOS-CX", "versions": [{"status": "affected", "version": "10.17.0000", "versionType": "semver", "lessThanOrEqual": "10.17.0001"}, {"status": "affected", "version": "10.16.0000", "versionType": "semver", "lessThanOrEqual": "10.16.1020"}, {"status": "affected", "version": "10.13.0000", "versionType": "semver", "lessThanOrEqual": "10.13.1160"}, {"status": "affected", "version": "10.10.0000", "versionType": "semver", "lessThanOrEqual": "10.10.1170"}], "defaultStatus": "affected"}], "references": [{"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in the web-based management interface of AOS-CX switches that could potentially allow an unauthenticated remote actor to circumvent existing authentication controls. In some cases this could enable resetting the admin password.", "supportingMedia": [{"type": "text/html", "value": "<p>A vulnerability has been identified in the web-based management interface of AOS-CX switches that could potentially allow an unauthenticated remote actor to circumvent existing authentication controls. In some cases this could enable resetting the admin password.</p>", "base64": false}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2026-03-30T15:46:11.068Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23813", "state": "PUBLISHED", "dateUpdated": "2026-03-30T15:46:11.068Z", "dateReserved": "2026-01-16T15:22:38.202Z", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "datePublished": "2026-03-11T03:08:43.421Z", "assignerShortName": "hpe"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in the web-based management interface of AOS-CX switches that could potentially allow an unauthenticated remote actor to circumvent existing authentication controls. In some cases this could enable resetting the admin password."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en la interfaz de gesti\u00f3n basada en web de los switches AOS-CX que podr\u00eda permitir potencialmente a un actor remoto no autenticado eludir los controles de autenticaci\u00f3n existentes. En algunos casos, esto podr\u00eda permitir restablecer la contrase\u00f1a de administrador."}], "id": "CVE-2026-23813", "lastModified": "2026-03-11T14:16:19.637", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "security-alert@hpe.com", "type": "Secondary"}]}, "published": "2026-03-11T04:17:34.677", "references": [{"source": "security-alert@hpe.com", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US"}], "sourceIdentifier": "security-alert@hpe.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[10.17.0000,10.17.0001]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[10.16.0000,10.16.1020]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[10.13.0000,10.13.1101]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[10.10.0000,10.10.1170]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "AOS-CX", "source": "cna", "vendor": "Hewlett Packard Enterprise (HPE)"}, "product": "arubaos-cx", "vendor": "hpe"}], "analysis": {"en": {"generated_at": "2026-03-17T16:05:24.694938+00:00", "value": {"mitigation_remediation": ["Apply vendor\u2011released patch for HPE AOS\u2011CX switches to eliminate the authentication bypass.", "If a patch is not yet available, restrict the web interface to an internal network segment or firewall to allow only trusted IP addresses.", "Replace any default credentials and enforce strong password policies on new installations.", "Monitor web\u2011interface logs for suspicious activity or authentication failures."], "summary": {"action": "Immediate Patch", "impact": "Authentication Bypass / Unauthenticated Password Reset"}, "threat_synthesis": {"affected_systems": "Affected systems are Hewlett Packard Enterprise HPE AOS-CX switches. The CVE entry does not provide specific model or firmware version information, so all product releases that include the affected web interface are potentially vulnerable.", "description_and_impact": "The vulnerability is a web-based authentication bypass in HPE AOS-CX switches that allows an unauthenticated attacker to circumvent existing authentication controls and, in some circumstances, reset the admin password. This weakness is catalogued as CWE-287 and presents an opportunity for an attacker to gain administrative access, compromising the confidentiality, integrity, and availability of the device and the network it protects.", "risk_and_exploitability": "The CVSS score of 9.8 classifies this issue as critical. EPSS is reported at less than 1\u202f%, indicating that exploitation is currently unlikely, but the severity warrants immediate action. The vulnerability is not listed in the CISA KEV catalog. The flaw can be exploited remotely by accessing the web interface over HTTP or HTTPS from an untrusted network, so the risk is high in environments where the interface is exposed externally."}}}}, "created": "2026-03-11T11:38:05.325348+00:00", "updated": "2026-03-20T14:38:02.718969+00:00", "vendors": ["hpe", "hpe$PRODUCT$arubaos-cx"]}