{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23814", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "state": "PUBLISHED", "assignerShortName": "hpe", "dateReserved": "2026-01-16T15:22:38.202Z", "datePublished": "2026-03-11T03:11:34.003Z", "dateUpdated": "2026-03-12T13:26:04.244Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2026-03-11T03:11:34.003Z"}, "title": "Authenticated Command Injection found in AOS-CX CLI Command", "affected": [{"vendor": "Hewlett Packard Enterprise (HPE)", "product": "AOS-CX", "versions": [{"status": "affected", "version": "10.17.0000", "lessThanOrEqual": "10.17.0001", "versionType": "semver"}, {"status": "affected", "version": "10.16.0000", "lessThanOrEqual": "10.16.1020", "versionType": "semver"}, {"status": "affected", "version": "10.13.0000", "lessThanOrEqual": "10.13.1101", "versionType": "semver"}, {"status": "affected", "version": "10.10.0000", "lessThanOrEqual": "10.10.1170", "versionType": "semver"}], "defaultStatus": "affected"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior.</p>"}]}], "references": [{"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "credits": [{"lang": "en", "value": "This vulnerability was discovered by the National Cybersecurity Agency of Italy (ACN).", "type": "reporter"}], "source": {"advisory": "HPESBNW05027", "discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-12T03:55:20.504405Z", "id": "CVE-2026-23814", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T13:26:04.244Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-23814", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-12T03:55:20.504405Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T13:29:40.105Z"}}], "cna": {"title": "Authenticated Command Injection found in AOS-CX CLI Command", "source": {"advisory": "HPESBNW05027", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "value": "This vulnerability was discovered by the National Cybersecurity Agency of Italy (ACN)."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Hewlett Packard Enterprise (HPE)", "product": "AOS-CX", "versions": [{"status": "affected", "version": "10.17.0000", "versionType": "semver", "lessThanOrEqual": "10.17.0001"}, {"status": "affected", "version": "10.16.0000", "versionType": "semver", "lessThanOrEqual": "10.16.1020"}, {"status": "affected", "version": "10.13.0000", "versionType": "semver", "lessThanOrEqual": "10.13.1101"}, {"status": "affected", "version": "10.10.0000", "versionType": "semver", "lessThanOrEqual": "10.10.1170"}], "defaultStatus": "affected"}], "references": [{"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior.", "supportingMedia": [{"type": "text/html", "value": "<p>A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior.</p>", "base64": false}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2026-03-11T03:11:34.003Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23814", "state": "PUBLISHED", "dateUpdated": "2026-03-12T13:26:04.244Z", "dateReserved": "2026-01-16T15:22:38.202Z", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "datePublished": "2026-03-11T03:11:34.003Z", "assignerShortName": "hpe"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior."}, {"lang": "es", "value": "Una vulnerabilidad en los par\u00e1metros de comando de un determinado comando CLI de AOS-CX podr\u00eda permitir a un atacante remoto autenticado con privilegios bajos inyectar comandos maliciosos, resultando en un comportamiento no deseado."}], "id": "CVE-2026-23814", "lastModified": "2026-03-11T14:16:19.773", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security-alert@hpe.com", "type": "Secondary"}]}, "published": "2026-03-11T04:17:34.883", "references": [{"source": "security-alert@hpe.com", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US"}], "sourceIdentifier": "security-alert@hpe.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[10.17.0000,10.17.0001]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[10.16.0000,10.16.1020]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[10.13.0000,10.13.1101]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[10.10.0000,10.10.1170]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "AOS-CX", "source": "cna", "vendor": "Hewlett Packard Enterprise (HPE)"}, "product": "arubaos-cx", "vendor": "hpe"}], "analysis": {"en": {"generated_at": "2026-03-17T16:05:05.113846+00:00", "value": {"mitigation_remediation": ["Check the HPE support article for an available patch that addresses the command injection vulnerability.", "If no patch is released yet, restrict the number of users with authenticated CLI access and enforce least\u2011privilege permissions.", "Implement network segmentation or firewall rules to limit external hosts from reaching the AOS\u2011CX CLI management interface.", "Enable detailed logging for CLI activity and monitor for abnormal or unauthorized command execution patterns."], "summary": {"action": "Patch Now", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "Affected product is Hewlett Packard Enterprise (HPE) AOS\u2011CX. The entry does not list specific vulnerable versions; therefore, any HPE AOS\u2011CX installations may be impacted until confirmed otherwise. The vendor support article (https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US) should be consulted for version applicability.", "description_and_impact": "Key detail from description: \"A vulnerability in the command parameters of a certain AOS\u2011CX CLI command could allow a low\u2011privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior.\" The vulnerability is a classic command injection (CWE\u201177) that allows an authenticated user to supply crafted parameters that are executed by the system. When exploited, this can lead to arbitrary code execution, privilege escalation, and complete compromise of the device, affecting confidentiality, integrity and availability.", "risk_and_exploitability": "The CVSS score of 8.8 indicates high severity. EPSS is below 1%, suggesting low probability of exploitation in the wild, and the vulnerability is not listed in the CISA KEV catalog. However, only low\u2011privilege authenticated CLI access is required, a condition commonly obtainable for attackers with network access to the device. The attack vector is remote; a successful exploitation would enable execution of arbitrary system commands."}}}}, "created": "2026-03-11T11:38:04.438114+00:00", "updated": "2026-03-20T14:38:01.782443+00:00", "vendors": ["hpe", "hpe$PRODUCT$arubaos-cx"]}