{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23815", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "state": "PUBLISHED", "assignerShortName": "hpe", "dateReserved": "2026-01-16T15:22:38.202Z", "datePublished": "2026-03-11T03:12:29.772Z", "dateUpdated": "2026-03-12T03:55:19.327Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2026-03-11T03:15:26.981Z"}, "title": "Authenticated Command Injection found in AOS-CX Administrative CLI Command", "affected": [{"vendor": "Hewlett Packard Enterprise (HPE)", "product": "AOS-CX", "versions": [{"status": "affected", "version": "10.17.0000", "lessThanOrEqual": "10.17.0001", "versionType": "semver"}, {"status": "affected", "version": "10.16.0000", "lessThanOrEqual": "10.16.1020", "versionType": "semver"}, {"status": "affected", "version": "10.13.0000", "lessThanOrEqual": "10.13.1101", "versionType": "semver"}, {"status": "affected", "version": "10.10.0000", "lessThanOrEqual": "10.10.1170", "versionType": "semver"}], "defaultStatus": "affected"}], "descriptions": [{"lang": "en", "value": "A vulnerability in a custom binary used in AOS-CX Switches' CLI could allow an authenticated remote attacker with high privileges to perform command injection. Successful exploitation could allow an attacker to execute unauthorized commands.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>A vulnerability in a custom binary used in AOS-CX Switches' CLI could allow an authenticated remote attacker with high privileges to perform command injection. Successful exploitation could allow an attacker to execute unauthorized commands.</p>"}]}], "references": [{"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}}], "credits": [{"lang": "en", "value": "This vulnerability was discovered and reported by moonv through HPE Aruba Networking's Bug Bounty program.", "type": "reporter"}], "source": {"advisory": "HPESBNW05027", "discovery": "INTERNAL"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-11T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-23815"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T03:55:19.327Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-23815", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-11T15:42:17.818038Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T15:42:52.496Z"}}], "cna": {"title": "Authenticated Command Injection found in AOS-CX Administrative CLI Command", "source": {"advisory": "HPESBNW05027", "discovery": "INTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "value": "This vulnerability was discovered and reported by moonv through HPE Aruba Networking's Bug Bounty program."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Hewlett Packard Enterprise (HPE)", "product": "AOS-CX", "versions": [{"status": "affected", "version": "10.17.0000", "versionType": "semver", "lessThanOrEqual": "10.17.0001"}, {"status": "affected", "version": "10.16.0000", "versionType": "semver", "lessThanOrEqual": "10.16.1020"}, {"status": "affected", "version": "10.13.0000", "versionType": "semver", "lessThanOrEqual": "10.13.1101"}, {"status": "affected", "version": "10.10.0000", "versionType": "semver", "lessThanOrEqual": "10.10.1170"}], "defaultStatus": "affected"}], "references": [{"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A vulnerability in a custom binary used in AOS-CX Switches' CLI could allow an authenticated remote attacker with high privileges to perform command injection. Successful exploitation could allow an attacker to execute unauthorized commands.", "supportingMedia": [{"type": "text/html", "value": "<p>A vulnerability in a custom binary used in AOS-CX Switches' CLI could allow an authenticated remote attacker with high privileges to perform command injection. Successful exploitation could allow an attacker to execute unauthorized commands.</p>", "base64": false}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2026-03-11T03:15:26.981Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23815", "state": "PUBLISHED", "dateUpdated": "2026-03-12T03:55:19.327Z", "dateReserved": "2026-01-16T15:22:38.202Z", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "datePublished": "2026-03-11T03:12:29.772Z", "assignerShortName": "hpe"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in a custom binary used in AOS-CX Switches' CLI could allow an authenticated remote attacker with high privileges to perform command injection. Successful exploitation could allow an attacker to execute unauthorized commands."}, {"lang": "es", "value": "Una vulnerabilidad en un binario personalizado utilizado en la CLI de los switches AOS-CX podr\u00eda permitir a un atacante remoto autenticado con privilegios elevados realizar una inyecci\u00f3n de comandos. La explotaci\u00f3n exitosa podr\u00eda permitir a un atacante ejecutar comandos no autorizados."}], "id": "CVE-2026-23815", "lastModified": "2026-03-11T16:16:26.490", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "security-alert@hpe.com", "type": "Secondary"}]}, "published": "2026-03-11T04:17:35.080", "references": [{"source": "security-alert@hpe.com", "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05027en_us&docLocale=en_US"}], "sourceIdentifier": "security-alert@hpe.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[10.17.0000,10.17.0001]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[10.16.0000,10.16.1020]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[10.13.0000,10.13.1101]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[10.10.0000,10.10.1170]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "AOS-CX", "source": "cna", "vendor": "Hewlett Packard Enterprise (HPE)"}, "product": "arubaos-cx", "vendor": "hpe"}], "analysis": {"en": {"generated_at": "2026-03-17T15:14:59.700675+00:00", "value": {"mitigation_remediation": ["Apply the patch or upgrade to the latest firmware version released by HPE as per the official advisory. ", "Restrict CLI access to trusted administrators and enforce strong authentication. ", "Verify that the switch firmware is up\u2011to\u2011date by checking HPE support for the latest security releases."], "summary": {"action": "Immediate Patch", "impact": "Command Injection / Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The affected product is Hewlett Packard Enterprise (HPE) AOS-CX Switches. No specific version range is provided in the CNA data, so all deployments using the affected binary are potentially vulnerable until a patch is applied.", "description_and_impact": "AOS-CX Switches contain a custom binary that can be invoked through the administrative CLI. The vulnerability allows an attacker with authenticated high privileges to exploit a command injection flaw. This results in arbitrary command execution on the host, granting the attacker full control over the system and the ability to tamper with configuration or data.", "risk_and_exploitability": "The CVSS score is 7.2, indicating a high impact but not critical. EPSS is below 1%, suggesting a low likelihood of exploitation in the wild. The vulnerability is not in the CISA KEV catalog. Exploitation requires remote authentication and high privilege, making it strictly an authenticated attack vector."}}}}, "created": "2026-03-11T11:38:03.362907+00:00", "updated": "2026-03-20T14:38:00.914545+00:00", "vendors": ["hpe", "hpe$PRODUCT$arubaos-cx"]}